Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: MPC Cleaner läßt sich nicht deinstallieren + Browser Umleitungen - windows 10

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 10.07.2016, 12:56   #1
quincycato
 
MPC Cleaner läßt sich nicht deinstallieren + Browser Umleitungen - windows 10 - Standard

MPC Cleaner läßt sich nicht deinstallieren + Browser Umleitungen - windows 10



Hallo,
durch einen unbedachten Klick zu später Stunde habe ich mir den MPC Cleaner, eine chinesische Suchmaschine (trotux) und weitere Browserumleitungen ins System geholt. Es gab Casino links und Popups auf dem Bildschirm. Die Popups und die meisten Browserumleitungen habe ich inzwischen entfernen können (ich habs nicht dokumentiert), aber der MPC Cleaner widerstand bisher allen Löschversuchen.

Ich bin Künstlerin, Malerin und habe deshalb die Adobe-Creative-Cloud Programme. Hier läuft Win 10 Pro 64

Vielen Dank schon mal

Hier die logfiles vom FRST
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 09-07-2016
durchgeführt von eva (Administrator) auf EVASCOMPUTER (10-07-2016 12:46:44)
Gestartet von C:\Users\eva\Desktop
Geladene Profile: eva (Verfügbare Profile: eva)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
() C:\ProgramData\CloudPrinter\CloudPrinter.exe
() C:\Windows\SysWOW64\ASGT.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Users\eva\AppData\Local\Apps\2.0\abril.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCTray.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCTray64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe
(AVM Berlin) C:\Users\eva\AppData\Local\Apps\2.0\62J1R0O9.AQA\R005Z9K4.V1V\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe
(TomTom) C:\Program Files (x86)\TomTom\MySportsConnect\TomTom MySports Connect.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-05-05] (Adobe Systems Incorporated)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2380480 2016-06-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1867448 2016-05-27] (Adobe Systems Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe [30264 2009-08-04] (Hewlett-Packard Company)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKLM-x32\...\Run: [EYAN] => C:\Users\eva\AppData\Roaming\THREADAPP.exe
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\Run: [AVMUSBFernanschluss] => C:\Users\eva\AppData\Local\Apps\2.0\62J1R0O9.AQA\R005Z9K4.V1V\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\AVMAutoStart.exe [139264 2016-03-03] (AVM Berlin)
HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [882872 2016-05-27] (Adobe Systems Incorporated)
HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\Run: [HP Deskjet 3520 series (NET)] => C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\Run: [TomTom MySports Connect.exe] => C:\Program Files (x86)\TomTom\MySportsConnect\TomTom MySports Connect.exe [3834368 2016-06-20] (TomTom)
HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\Run: [QGuan10in1] => C:\Users\eva\AppData\Roaming\UPUpdata\service72564.exe /autorun
HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\Run: [msiql] => C:\Users\eva\AppData\Roaming\UPUpdata\msiql.exe /RUNNING
HKU\S-1-5-18\...\RunOnce: [Application Restart #3] => C:\Program Files (x86)\ASUS\GPU TweakII\Monitor.exe [2640336 2015-08-27] (TODO: <Company name>)
HKU\S-1-5-18\...\RunOnce: [Application Restart #4] => C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe [5602768 2015-09-01] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VR-NetWorld Auftragsprüfung.lnk [2016-03-08]
ShortcutTarget: VR-NetWorld Auftragsprüfung.lnk -> C:\Windows\Installer\{084798D2-33EF-42CC-A925-970AF222898B}\NewShortcut1_5A2CAB8514594533A6B50E3D23448BE1.exe (Flexera Software LLC)
GroupPolicyScripts: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{c6ef35ba-7431-4f1d-936d-26820bb64337}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-24] (Google Inc.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-26] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-24] (Google Inc.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-26] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-24] (Google Inc.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-24] (Google Inc.)

FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-06-08] (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-26] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-06-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-06-03] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-06-08] (Adobe Systems)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat DC - Create PDF - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2016-02-28]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-03-31] [ist nicht signiert]

Chrome: 
=======
CHR HomePage: gequlywefegeretaward -> hxxp://google.com/
CHR StartupUrls: gequlywefegeretaward -> "hxxp://www.trotux.com/?z=e6ee2bfd84aa90be2b4ef20g7zbq2bcg0eeo5qbe4o&from=ftp&uid=C300-CTFDDAC128MAG_000000001106030289DD&type=hp","hxxps://www.google.com/"
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [737984 2016-06-03] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [48640 2015-08-18] () [Datei ist nicht signiert]
R2 CloudPrinter; C:\ProgramData\\CloudPrinter\\CloudPrinter.exe [695296 2016-07-10] () [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-05-02] (NVIDIA Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21184 2016-03-29] (Microsoft Corporation)
R2 MPCProtectService; C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe [350688 2016-07-10] (DotC United Inc)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-05-02] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-05-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation)
R2 ProntSpooler; C:\Users\eva\AppData\Local\Apps\2.0\abril.exe [134656 2016-05-19] () [Datei ist nicht signiert]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [137216 2016-03-29] (Microsoft Corporation) [Datei ist nicht signiert]
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36504 2015-06-22] (VIA Technologies, Inc.)
S3 VSStandardCollectorService140; F:\programmie\VisualStudio\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [56552 2016-03-22] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
S2 CoacuiedclernegeModulejedeentsherwusy.exe; "C:\Program Files (x86)\Stabily\CoacuiedclernegeModulejedeentsherwusy.exe" {C25DA384-2010-45A4-A1ED-BFA540D4789B} {9DC74CD5-24EA-4ADE-9C42-608A8CE17116} [X]
S2 dowidoly; C:\Program Files (x86)\1F002AC0-1468102438-0800-5248-BCAEC528E8F5\jnsg5BE4.tmp [X]
S2 mesuwebyzbt; C:\Program Files (x86)\1F002AC0-1468102438-0800-5248-BCAEC528E8F5\knsm450A.tmpfs [X]
S3 rijufoze; C:\Program Files (x86)\1F002AC0-1468102438-0800-5248-BCAEC528E8F5\hnsu7114.tmp [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [23240 2016-02-26] (Advanced Micro Devices, Inc.)
R3 avmaura; C:\Windows\System32\drivers\avmaura.sys [116480 2016-03-03] (AVM Berlin)
R1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [60136 2016-07-10] (DotC United Inc)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-09-26] (Marvell Semiconductor, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-02] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation)
R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [119712 2016-06-28] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [192864 2016-06-28] (Oracle Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-07-10 12:40 - 2016-07-10 12:46 - 00020912 _____ C:\Users\eva\Desktop\FRST.txt
2016-07-10 12:39 - 2016-07-10 12:39 - 00066249 _____ C:\Users\eva\Downloads\FRST.txt
2016-07-10 12:38 - 2016-07-10 12:38 - 02390016 _____ (Farbar) C:\Users\eva\Desktop\FRST64.exe
2016-07-10 12:31 - 2016-07-10 12:31 - 00000000 ___HD C:\OneDriveTemp
2016-07-10 12:31 - 2016-07-10 12:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
2016-07-10 04:41 - 2016-07-10 04:41 - 00000244 _____ C:\Users\eva\vercolystecuyConfiguration.dll
2016-07-10 04:11 - 2016-07-10 12:31 - 00001804 _____ C:\Users\Public\Desktop\MPC Cleaner.lnk
2016-07-10 04:06 - 2016-07-10 04:06 - 00388608 _____ (Trend Micro Inc.) C:\Users\eva\Downloads\HijackThis.exe
2016-07-10 03:31 - 2016-07-10 03:38 - 00061356 _____ C:\Users\eva\Downloads\Addition.txt
2016-07-10 03:24 - 2016-07-10 12:46 - 00000000 ____D C:\FRST
2016-07-10 03:22 - 2016-07-10 03:22 - 01740288 _____ (Farbar) C:\Users\eva\Downloads\FRST.exe
2016-07-10 03:12 - 2016-07-10 03:12 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-07-10 03:10 - 2016-07-10 03:11 - 22851472 _____ (Malwarebytes ) C:\Users\eva\Downloads\mbam-setup-2.2.1.1043.exe
2016-07-10 02:59 - 2016-07-10 02:59 - 00000000 ____D C:\Users\eva\AppData\Roaming\MCorp
2016-07-10 01:43 - 2016-07-10 01:43 - 00000000 ____D C:\$SysReset
2016-07-10 01:04 - 2016-07-10 01:04 - 00003258 _____ C:\Windows\System32\Tasks\{FBAB2A37-92E4-40C1-BE7F-FE68411ACADE}
2016-07-10 00:59 - 2016-07-10 00:59 - 00250912 _____ C:\Windows\SysWOW64\kz.exe
2016-07-10 00:20 - 2016-07-10 00:20 - 00000000 ____D C:\Program Files (x86)\Maxthon
2016-07-10 00:19 - 2016-07-10 00:19 - 00092872 _____ (WinMount International Inc) C:\Windows\system32\Drivers\KuaiZipDrive.sys
2016-07-10 00:18 - 2016-07-10 01:02 - 00000000 ____D C:\Program Files (x86)\GreatMaker
2016-07-10 00:18 - 2016-07-10 00:21 - 00000000 ____D C:\Users\eva\AppData\Local\app
2016-07-10 00:17 - 2016-07-10 03:01 - 00000000 ____D C:\ProgramData\CloudPrinter
2016-07-10 00:17 - 2016-07-10 01:00 - 00000000 ____D C:\Windows\system32\SSL
2016-07-10 00:17 - 2016-07-10 00:24 - 00000000 ____D C:\Program Files (x86)\MPC Cleaner
2016-07-10 00:17 - 2016-07-10 00:17 - 00060136 _____ (DotC United Inc) C:\Windows\system32\Drivers\MPCKpt.sys
2016-07-10 00:17 - 2016-07-10 00:17 - 00001170 _____ C:\Users\eva\Desktop\AutoTime.lnk
2016-07-10 00:17 - 2016-07-10 00:17 - 00000000 ____D C:\Users\eva\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk
2016-07-10 00:16 - 2016-07-10 12:08 - 00000000 ____D C:\Program Files (x86)\Stabily
2016-07-10 00:16 - 2016-07-10 04:11 - 00000000 ____D C:\Program Files (x86)\Max Driver Updater
2016-07-10 00:16 - 2016-07-10 01:05 - 00000000 ____D C:\Program Files (x86)\mpck
2016-07-10 00:16 - 2016-07-10 00:17 - 00009100 _____ C:\Windows\System32\Tasks\Coacuiedclernege Module
2016-07-10 00:16 - 2016-07-10 00:17 - 00000000 ____D C:\Users\eva\AppData\Local\prevuchnirolyghucult
2016-07-10 00:16 - 2016-07-10 00:16 - 00003128 _____ C:\Windows\System32\Tasks\tasklist
2016-07-10 00:14 - 2016-07-10 00:12 - 00001691 _____ C:\Windows\system32\Drivers\etc\hp.bak
2016-07-10 00:13 - 2016-07-10 00:14 - 00000000 ____D C:\Users\eva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YSPackage
2016-07-09 16:27 - 2016-07-09 16:27 - 00000000 ____D C:\Users\eva\AppData\Local\Tempzxpsign8a9e4e73cc81320e
2016-07-09 16:19 - 2016-07-09 16:19 - 00000000 ____D C:\Users\eva\AppData\Local\Tempzxpsigna541fe704658e6d0
2016-07-09 10:51 - 2016-07-09 10:51 - 00000000 ____D C:\Users\eva\AppData\Local\Tempzxpsign8950d5c0eb41d0d4
2016-07-08 12:44 - 2016-07-08 12:44 - 00000000 ____D C:\Users\eva\AppData\Local\Tempzxpsign1c21974cc5323cbe
2016-07-07 21:17 - 2016-07-07 21:17 - 00000000 ____D C:\Users\eva\AppData\Local\Tempzxpsign6a42175d11ce9983
2016-07-07 12:52 - 2016-07-07 12:52 - 00000036 _____ C:\Users\eva\Desktop\altephp5.6versionausdemPath.txt
2016-07-07 12:46 - 2016-07-07 12:47 - 06737632 _____ (Advanced Micro Devices) C:\Users\eva\Downloads\amd1560cleanuputility.exe
2016-07-07 11:33 - 2016-07-07 11:33 - 21953914 _____ C:\Users\eva\Downloads\php-7.0.8-nts-Win32-VC14-x86.zip
2016-07-06 11:40 - 2016-07-06 11:40 - 00000000 ____D C:\Users\eva\AppData\Local\Tempzxpsign5f71f104bbf2dddb
2016-07-05 18:31 - 2016-07-05 18:31 - 00000000 ____D C:\Users\eva\AppData\Local\Tempzxpsignee2538f887103dab
2016-07-05 18:29 - 2016-07-05 18:29 - 00000967 _____ C:\Users\eva\Desktop\NLP-8-9.Okt-ExplorersKompakt-gewonnen.txt
2016-07-02 00:57 - 2016-07-02 00:57 - 00002133 _____ C:\Users\eva\Desktop\GEDOK-Anforderungen-2.txt
2016-07-01 14:19 - 2016-07-01 20:19 - 00004323 _____ C:\Users\eva\Desktop\gedok-feeds.txt
2016-07-01 14:07 - 2016-07-01 14:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2016-07-01 14:03 - 2016-07-01 14:05 - 113455072 _____ (Oracle Corporation) C:\Users\eva\Downloads\VirtualBox-5.0.24-108355-Win.exe
2016-07-01 13:53 - 2016-07-01 13:54 - 173203674 _____ C:\Users\eva\Downloads\vagrant_1.8.4.msi
2016-07-01 10:45 - 2016-07-01 10:45 - 00000000 ____D C:\Users\eva\AppData\Local\Tempzxpsignb8caf8409a2d90a0
2016-07-01 00:34 - 2016-07-01 00:34 - 00000000 ____D C:\Users\eva\AppData\Local\Tempzxpsigndbc3b84bd60caed9
2016-06-30 20:25 - 2016-06-30 20:25 - 00000000 ____D C:\Users\eva\AppData\Local\Tempzxpsignf9b78ff7098949f6
2016-06-30 11:18 - 2016-06-30 11:19 - 00000000 ____D C:\Users\eva\Documents\Kurse
2016-06-30 10:06 - 2016-06-30 10:06 - 00028160 _____ C:\Users\eva\Documents\vr-export-wegleitner.xls
2016-06-29 14:31 - 2016-06-29 14:31 - 00002165 _____ C:\Users\eva\Desktop\GEDOK-Anforderungen.txt
2016-06-29 13:48 - 2016-06-29 13:48 - 06569088 _____ (Tim Kosse) C:\Users\eva\Downloads\FileZilla_3.19.0_win64-setup.exe
2016-06-29 12:31 - 2016-07-08 22:07 - 00000000 ____D C:\Users\eva\Documents\GEDOK
2016-06-28 17:21 - 2016-06-28 17:21 - 00192864 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetLwf.sys
2016-06-28 17:21 - 2016-06-28 17:21 - 00119712 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp6.sys
2016-06-28 03:12 - 2016-06-28 03:12 - 00314434 ____N C:\Users\eva\AppData\Roaming\EYapp.apk
2016-06-25 14:37 - 2015-09-01 15:11 - 00049152 _____ () C:\Windows\SysWOW64\LGErrorHandler.dll
2016-06-25 14:35 - 2016-06-25 14:36 - 15210348 _____ C:\Users\eva\Downloads\ScreenSplit_6.55.zip
2016-06-25 14:28 - 2016-06-25 14:37 - 00002364 _____ C:\Users\Public\Desktop\Screen Split.lnk
2016-06-25 14:28 - 2016-06-25 14:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screen Split
2016-06-25 14:28 - 2016-06-25 14:28 - 00000000 ____D C:\Program Files (x86)\LG Electronics
2016-06-25 14:28 - 2015-09-01 15:12 - 00131072 _____ (LG Soft India) C:\Windows\SysWOW64\LGMonitorDDCCISDK.dll
2016-06-25 14:28 - 2015-09-01 15:11 - 00102400 _____ (LG Soft India) C:\Windows\SysWOW64\LGProtocolEngine.dll
2016-06-25 14:28 - 2015-04-13 15:07 - 00019968 _____ C:\Windows\SysWOW64\LGPII2CDriver.sys
2016-06-25 14:28 - 2015-04-13 15:07 - 00016384 _____ (LG Soft India) C:\Windows\SysWOW64\LGI2CDriver.sys
2016-06-25 14:28 - 2014-09-04 09:16 - 00196608 _____ (LG Soft India) C:\Windows\SysWOW64\LGDeviceManager.dll
2016-06-25 13:05 - 2016-06-25 13:05 - 00000000 ____D C:\Users\eva\AppData\Local\Tempzxpsign01746f0fa8ee59c5
2016-06-24 21:26 - 2016-06-24 21:35 - 00002928 _____ C:\Users\eva\Desktop\gedok-web-ssl-undnewsletter-umbau.txt
2016-06-24 20:08 - 2016-06-24 20:08 - 00002215 _____ C:\Users\eva\Desktop\windows-mobile-email-einrichtungs-anleitung-STRATO.txt
2016-06-24 17:17 - 2016-06-24 17:17 - 00023739 _____ C:\Users\eva\Downloads\2016-06-23_RE14669838.pdf
2016-06-24 17:17 - 2016-06-24 17:17 - 00023739 _____ C:\Users\eva\Downloads\2016-06-23_RE14669838 (2).pdf
2016-06-24 17:17 - 2016-06-24 17:17 - 00023739 _____ C:\Users\eva\Downloads\2016-06-23_RE14669838 (1).pdf
2016-06-24 16:49 - 2016-06-24 16:49 - 00002798 _____ C:\Users\eva\Desktop\confirmation.htm
2016-06-23 20:27 - 2016-06-23 20:27 - 00000000 ____D C:\Users\eva\AppData\Local\Tempzxpsignae6485b61ced49ea
2016-06-23 20:09 - 2016-06-23 20:09 - 00003584 _____ C:\Users\eva\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-06-23 11:19 - 2016-06-23 11:19 - 00000000 ____D C:\Users\eva\AppData\Local\Tempzxpsign0df7904a16630f04
2016-06-23 11:09 - 2016-06-23 11:09 - 00000129 _____ C:\Users\eva\Desktop\gedok-katalog-text.txt
2016-06-23 10:32 - 2016-06-23 10:32 - 00000000 ____D C:\Users\eva\AppData\Local\Tempzxpsign582920eb00311580
2016-06-23 10:31 - 2016-06-23 10:31 - 00000000 ____D C:\Users\eva\AppData\Local\Tempzxpsign8d0fa2eb8b61a7e1
2016-06-23 00:54 - 2016-06-23 00:54 - 00000000 ____D C:\Users\eva\AppData\Local\Tempzxpsignf5ea9e767ae33722
2016-06-23 00:45 - 2016-06-23 00:45 - 00000000 ____D C:\Users\eva\AppData\Local\Tempzxpsign438b3f56308d5497
2016-06-21 18:23 - 2016-06-21 18:23 - 00000000 ____D C:\Users\eva\AppData\Local\Tempzxpsign8860303c7daecd4b
2016-06-21 16:24 - 2016-06-21 16:24 - 00000000 ____D C:\Users\eva\AppData\Local\Tempzxpsignd93e8371ef8ab2e9
2016-06-21 16:15 - 2016-06-21 16:15 - 00001185 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CC 2015.3.lnk
2016-06-21 16:08 - 2016-06-21 16:08 - 00001173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2015.3.lnk
2016-06-21 15:58 - 2016-06-21 15:58 - 00000000 ____D C:\Users\eva\Desktop\Painting and Classic Frames
2016-06-21 15:58 - 2016-06-21 15:58 - 00000000 ____D C:\Users\eva\AppData\Local\Tempzxpsigna70787bf51d8cad6
2016-06-21 15:58 - 2016-06-21 15:58 - 00000000 ____D C:\Users\eva\AppData\Local\Tempzxpsign89f793554ebdaeec
2016-06-21 15:58 - 2016-06-21 15:58 - 00000000 ____D C:\Users\eva\AppData\Local\Tempzxpsign2ba66e15e957dc26
2016-06-21 15:54 - 2016-06-21 15:54 - 00001107 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.5.lnk
2016-06-21 01:29 - 2016-06-21 01:29 - 00052301 _____ C:\Users\eva\Desktop\DHLReturnLabel.pdf
2016-06-21 01:27 - 2016-06-21 01:27 - 00048159 _____ C:\Users\eva\Desktop\DHL_Collection_Details_de.pdf
2016-06-21 01:21 - 2016-06-21 01:21 - 00040845 _____ C:\Users\eva\Desktop\basisband-Eva**********-**********.pdf
2016-06-21 01:20 - 2016-06-21 01:20 - 00037547 _____ C:\Users\eva\Downloads\Eva**********-**********.pdf
2016-06-18 17:22 - 2016-06-18 17:22 - 06140101 _____ C:\Users\eva\Downloads\dict-en.oxt
2016-06-18 17:19 - 2016-06-18 17:19 - 00023300 _____ C:\Users\eva\Downloads\OutlookContacts.csv
2016-06-18 17:19 - 2016-06-18 17:19 - 00023300 _____ C:\Users\eva\Downloads\OutlookContacts (1).csv
2016-06-18 17:05 - 2016-06-18 17:05 - 00042768 _____ C:\Users\eva\Downloads\google.csv
2016-06-14 20:09 - 2016-05-28 06:57 - 01594416 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-06-14 20:09 - 2016-05-28 06:57 - 01372312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-06-14 20:09 - 2016-05-28 06:29 - 22379008 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-06-14 20:09 - 2016-05-28 06:29 - 00045568 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-06-14 20:09 - 2016-05-28 06:27 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosHostClient.dll
2016-06-14 20:09 - 2016-05-28 06:22 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapsBtSvc.dll
2016-06-14 20:09 - 2016-05-28 06:22 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosStorage.dll
2016-06-14 20:09 - 2016-05-28 06:19 - 24605696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-06-14 20:09 - 2016-05-28 06:18 - 07977472 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2016-06-14 20:09 - 2016-05-28 06:18 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2016-06-14 20:09 - 2016-05-28 06:17 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\MessagingDataModel2.dll
2016-06-14 20:09 - 2016-05-28 06:15 - 01056256 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2016-06-14 20:09 - 2016-05-28 06:15 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2016-06-14 20:09 - 2016-05-28 06:15 - 00349696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2016-06-14 20:09 - 2016-05-28 06:14 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\NMAA.dll
2016-06-14 20:09 - 2016-05-28 06:14 - 00606208 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-06-14 20:09 - 2016-05-28 06:14 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MessagingDataModel2.dll
2016-06-14 20:09 - 2016-05-28 06:13 - 00939520 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2016-06-14 20:09 - 2016-05-28 06:12 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2016-06-14 20:09 - 2016-05-28 06:11 - 00784896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NMAA.dll
2016-06-14 20:09 - 2016-05-28 06:11 - 00711680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll
2016-06-14 20:09 - 2016-05-28 06:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-06-14 20:09 - 2016-05-28 06:08 - 06295552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2016-06-14 20:09 - 2016-05-28 06:06 - 07200256 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2016-06-14 20:09 - 2016-05-28 06:03 - 05205504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2016-06-14 20:09 - 2016-05-28 06:00 - 01707520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActiveSyncProvider.dll
2016-06-14 20:09 - 2016-05-28 05:58 - 01996288 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncProvider.dll
2016-06-14 20:08 - 2016-05-28 08:13 - 01401024 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-06-14 20:08 - 2016-05-28 08:13 - 01184960 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-06-14 20:08 - 2016-05-28 08:13 - 00514752 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-06-14 20:08 - 2016-05-28 08:13 - 00290496 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-06-14 20:08 - 2016-05-28 08:13 - 00092352 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-06-14 20:08 - 2016-05-28 08:13 - 00046784 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-06-14 20:08 - 2016-05-28 07:25 - 04268880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2016-06-14 20:08 - 2016-05-28 07:23 - 00388384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-06-14 20:08 - 2016-05-28 07:23 - 00312160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-06-14 20:08 - 2016-05-28 07:22 - 07474528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-06-14 20:08 - 2016-05-28 07:22 - 04387680 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2016-06-14 20:08 - 2016-05-28 07:22 - 00428896 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2016-06-14 20:08 - 2016-05-28 07:22 - 00211296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2016-06-14 20:08 - 2016-05-28 07:22 - 00118624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2016-06-14 20:08 - 2016-05-28 07:20 - 00430312 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-06-14 20:08 - 2016-05-28 07:18 - 00357216 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-06-14 20:08 - 2016-05-28 07:16 - 00026408 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-06-14 20:08 - 2016-05-28 07:09 - 00501600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2016-06-14 20:08 - 2016-05-28 07:09 - 00170848 _____ (Microsoft Corporation) C:\Windows\system32\NetworkUXBroker.exe
2016-06-14 20:08 - 2016-05-28 07:09 - 00084832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupApi.dll
2016-06-14 20:08 - 2016-05-28 07:08 - 00693600 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2016-06-14 20:08 - 2016-05-28 07:08 - 00258912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ufx01000.sys
2016-06-14 20:08 - 2016-05-28 07:08 - 00115040 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupApi.dll
2016-06-14 20:08 - 2016-05-28 07:07 - 03675512 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-06-14 20:08 - 2016-05-28 07:07 - 02921880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-06-14 20:08 - 2016-05-28 07:07 - 01322248 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-06-14 20:08 - 2016-05-28 07:07 - 00957608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-06-14 20:08 - 2016-05-28 07:07 - 00808288 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2016-06-14 20:08 - 2016-05-28 07:07 - 00703840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2016-06-14 20:08 - 2016-05-28 07:07 - 00331616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2016-06-14 20:08 - 2016-05-28 07:06 - 22561256 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-06-14 20:08 - 2016-05-28 07:06 - 04074160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-06-14 20:08 - 2016-05-28 07:06 - 00730344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2016-06-14 20:08 - 2016-05-28 07:06 - 00303216 _____ (Microsoft Corporation) C:\Windows\system32\LockAppHost.exe
2016-06-14 20:08 - 2016-05-28 07:06 - 00254656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppHost.exe
2016-06-14 20:08 - 2016-05-28 07:05 - 04515264 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-06-14 20:08 - 2016-05-28 07:04 - 00604928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-06-14 20:08 - 2016-05-28 07:04 - 00431296 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-06-14 20:08 - 2016-05-28 07:04 - 00360480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-06-14 20:08 - 2016-05-28 07:04 - 00161632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-06-14 20:08 - 2016-05-28 07:04 - 00111064 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2016-06-14 20:08 - 2016-05-28 07:04 - 00097096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2016-06-14 20:08 - 2016-05-28 07:03 - 00131248 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-06-14 20:08 - 2016-05-28 06:58 - 01996640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-06-14 20:08 - 2016-05-28 06:58 - 00379232 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-06-14 20:08 - 2016-05-28 06:57 - 02548944 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-06-14 20:08 - 2016-05-28 06:57 - 02195632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-06-14 20:08 - 2016-05-28 06:57 - 00649792 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2016-06-14 20:08 - 2016-05-28 06:57 - 00636304 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2016-06-14 20:08 - 2016-05-28 06:57 - 00577376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2016-06-14 20:08 - 2016-05-28 06:57 - 00546456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2016-06-14 20:08 - 2016-05-28 06:57 - 00521664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2016-06-14 20:08 - 2016-05-28 06:57 - 00316256 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-06-14 20:08 - 2016-05-28 06:35 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\tdlrecover.exe
2016-06-14 20:08 - 2016-05-28 06:35 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\MapsCSP.dll
2016-06-14 20:08 - 2016-05-28 06:35 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsdport.sys
2016-06-14 20:08 - 2016-05-28 06:31 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdlrecover.exe
2016-06-14 20:08 - 2016-05-28 06:31 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-06-14 20:08 - 2016-05-28 06:31 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\MosHostClient.dll
2016-06-14 20:08 - 2016-05-28 06:29 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\VSD3DWARP12Debug.dll
2016-06-14 20:08 - 2016-05-28 06:29 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2016-06-14 20:08 - 2016-05-28 06:29 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\httpprxp.dll
2016-06-14 20:08 - 2016-05-28 06:28 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2016-06-14 20:08 - 2016-05-28 06:28 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-06-14 20:08 - 2016-05-28 06:28 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-06-14 20:08 - 2016-05-28 06:27 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\mapsupdatetask.dll
2016-06-14 20:08 - 2016-05-28 06:26 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2016-06-14 20:08 - 2016-05-28 06:26 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\dmcertinst.exe
2016-06-14 20:08 - 2016-05-28 06:26 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe
2016-06-14 20:08 - 2016-05-28 06:26 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\MapsBtSvc.dll
2016-06-14 20:08 - 2016-05-28 06:26 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\MosStorage.dll
2016-06-14 20:08 - 2016-05-28 06:25 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\VSD3DWARPDebug.dll
2016-06-14 20:08 - 2016-05-28 06:25 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VSD3DWARP12Debug.dll
2016-06-14 20:08 - 2016-05-28 06:25 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.dll
2016-06-14 20:08 - 2016-05-28 06:25 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-06-14 20:08 - 2016-05-28 06:24 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-06-14 20:08 - 2016-05-28 06:24 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Ndu.sys
2016-06-14 20:08 - 2016-05-28 06:24 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-06-14 20:08 - 2016-05-28 06:24 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2016-06-14 20:08 - 2016-05-28 06:24 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\AppCapture.dll
2016-06-14 20:08 - 2016-05-28 06:24 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\moshost.dll
2016-06-14 20:08 - 2016-05-28 06:24 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2016-06-14 20:08 - 2016-05-28 06:24 - 00053760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-06-14 20:08 - 2016-05-28 06:23 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2016-06-14 20:08 - 2016-05-28 06:23 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2016-06-14 20:08 - 2016-05-28 06:22 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2016-06-14 20:08 - 2016-05-28 06:22 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2016-06-14 20:08 - 2016-05-28 06:22 - 00278528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-06-14 20:08 - 2016-05-28 06:22 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\moshostcore.dll
2016-06-14 20:08 - 2016-05-28 06:22 - 00163328 _____ (Microsoft Corporation) C:\Windows\system32\tetheringservice.dll
2016-06-14 20:08 - 2016-05-28 06:22 - 00161280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe
2016-06-14 20:08 - 2016-05-28 06:22 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-06-14 20:08 - 2016-05-28 06:21 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2016-06-14 20:08 - 2016-05-28 06:21 - 00239104 _____ (Microsoft Corporation) C:\Windows\system32\BrokerLib.dll
2016-06-14 20:08 - 2016-05-28 06:21 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2016-06-14 20:08 - 2016-05-28 06:21 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2016-06-14 20:08 - 2016-05-28 06:21 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VSD3DWARPDebug.dll
2016-06-14 20:08 - 2016-05-28 06:21 - 00042496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.dll
2016-06-14 20:08 - 2016-05-28 06:20 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2016-06-14 20:08 - 2016-05-28 06:20 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\newdev.dll
2016-06-14 20:08 - 2016-05-28 06:20 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-06-14 20:08 - 2016-05-28 06:20 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2016-06-14 20:08 - 2016-05-28 06:20 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\GnssAdapter.dll
2016-06-14 20:08 - 2016-05-28 06:20 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Privacy.dll
2016-06-14 20:08 - 2016-05-28 06:20 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2016-06-14 20:08 - 2016-05-28 06:19 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2016-06-14 20:08 - 2016-05-28 06:19 - 00567808 _____ (Microsoft Corporation) C:\Windows\system32\MBMediaManager.dll
2016-06-14 20:08 - 2016-05-28 06:19 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvr.exe
2016-06-14 20:08 - 2016-05-28 06:19 - 00355840 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2016-06-14 20:08 - 2016-05-28 06:19 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2016-06-14 20:08 - 2016-05-28 06:18 - 11545088 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-06-14 20:08 - 2016-05-28 06:18 - 00678912 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2016-06-14 20:08 - 2016-05-28 06:18 - 00610816 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2016-06-14 20:08 - 2016-05-28 06:18 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2016-06-14 20:08 - 2016-05-28 06:18 - 00392192 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-06-14 20:08 - 2016-05-28 06:18 - 00380416 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2016-06-14 20:08 - 2016-05-28 06:18 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\VEEventDispatcher.dll
2016-06-14 20:08 - 2016-05-28 06:17 - 09918976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-06-14 20:08 - 2016-05-28 06:17 - 00963072 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2016-06-14 20:08 - 2016-05-28 06:17 - 00485888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\newdev.dll
2016-06-14 20:08 - 2016-05-28 06:17 - 00415232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StoreAgent.dll
2016-06-14 20:08 - 2016-05-28 06:17 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll
2016-06-14 20:08 - 2016-05-28 06:17 - 00278016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2016-06-14 20:08 - 2016-05-28 06:17 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\mdmmigrator.dll
2016-06-14 20:08 - 2016-05-28 06:16 - 19344384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-06-14 20:08 - 2016-05-28 06:16 - 00690176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-06-14 20:08 - 2016-05-28 06:16 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-06-14 20:08 - 2016-05-28 06:16 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\AppContracts.dll
2016-06-14 20:08 - 2016-05-28 06:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\tileobjserver.dll
2016-06-14 20:08 - 2016-05-28 06:16 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-06-14 20:08 - 2016-05-28 06:16 - 00291328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-06-14 20:08 - 2016-05-28 06:16 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2016-06-14 20:08 - 2016-05-28 06:15 - 00794624 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-06-14 20:08 - 2016-05-28 06:15 - 00579072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2016-06-14 20:08 - 2016-05-28 06:15 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2016-06-14 20:08 - 2016-05-28 06:15 - 00293888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2016-06-14 20:08 - 2016-05-28 06:15 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-06-14 20:08 - 2016-05-28 06:14 - 18674176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-06-14 20:08 - 2016-05-28 06:14 - 03292672 _____ (Microsoft Corporation) C:\Windows\system32\d3d12warp.dll
2016-06-14 20:08 - 2016-05-28 06:14 - 01716736 _____ (Microsoft Corporation) C:\Windows\system32\SRHInproc.dll
2016-06-14 20:08 - 2016-05-28 06:14 - 00965632 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2016-06-14 20:08 - 2016-05-28 06:14 - 00784384 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-06-14 20:08 - 2016-05-28 06:14 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VEEventDispatcher.dll
2016-06-14 20:08 - 2016-05-28 06:14 - 00200192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2016-06-14 20:08 - 2016-05-28 06:13 - 01387520 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2016-06-14 20:08 - 2016-05-28 06:13 - 00990208 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2016-06-14 20:08 - 2016-05-28 06:13 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2016-06-14 20:08 - 2016-05-28 06:13 - 00587776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2016-06-14 20:08 - 2016-05-28 06:13 - 00467456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppContracts.dll
2016-06-14 20:08 - 2016-05-28 06:12 - 00614400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-06-14 20:08 - 2016-05-28 06:12 - 00521728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-06-14 20:08 - 2016-05-28 06:11 - 02470912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d12warp.dll
2016-06-14 20:08 - 2016-05-28 06:11 - 01445888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRHInproc.dll
2016-06-14 20:08 - 2016-05-28 06:11 - 00890368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2016-06-14 20:08 - 2016-05-28 06:11 - 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2016-06-14 20:08 - 2016-05-28 06:11 - 00687616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-06-14 20:08 - 2016-05-28 06:11 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2016-06-14 20:08 - 2016-05-28 06:09 - 01073152 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2016-06-14 20:08 - 2016-05-28 06:08 - 13385728 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-06-14 20:08 - 2016-05-28 06:06 - 12128256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-06-14 20:08 - 2016-05-28 06:06 - 01339904 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-06-14 20:08 - 2016-05-28 06:05 - 03994624 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2016-06-14 20:08 - 2016-05-28 06:05 - 03664896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-06-14 20:08 - 2016-05-28 06:05 - 02582016 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2016-06-14 20:08 - 2016-05-28 06:05 - 01797120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2016-06-14 20:08 - 2016-05-28 06:04 - 06973952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-06-14 20:08 - 2016-05-28 06:04 - 00555520 _____ (Microsoft Corporation) C:\Windows\system32\SyncController.dll
2016-06-14 20:08 - 2016-05-28 06:04 - 00450560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncController.dll
2016-06-14 20:08 - 2016-05-28 06:03 - 05323776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-06-14 20:08 - 2016-05-28 06:03 - 02609664 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2016-06-14 20:08 - 2016-05-28 06:03 - 01185280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationFramework.dll
2016-06-14 20:08 - 2016-05-28 06:03 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\internetmail.dll
2016-06-14 20:08 - 2016-05-28 06:03 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
2016-06-14 20:08 - 2016-05-28 06:02 - 03590144 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-06-14 20:08 - 2016-05-28 06:02 - 02061824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2016-06-14 20:08 - 2016-05-28 06:02 - 01534464 _____ (Microsoft Corporation) C:\Windows\system32\LocationFramework.dll
2016-06-14 20:08 - 2016-05-28 06:02 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2016-06-14 20:08 - 2016-05-28 06:01 - 01799680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2016-06-14 20:08 - 2016-05-28 06:01 - 01582080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2016-06-14 20:08 - 2016-05-28 06:01 - 01500160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-06-14 20:08 - 2016-05-28 06:01 - 00111104 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2016-06-14 20:08 - 2016-05-28 06:00 - 05660160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-06-14 20:08 - 2016-05-28 06:00 - 03585536 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-06-14 20:08 - 2016-05-28 06:00 - 02635776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2016-06-14 20:08 - 2016-05-28 06:00 - 02230272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-06-14 20:08 - 2016-05-28 06:00 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2016-06-14 20:08 - 2016-05-28 06:00 - 01730560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-06-14 20:08 - 2016-05-28 06:00 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll
2016-06-14 20:08 - 2016-05-28 06:00 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2016-06-14 20:08 - 2016-05-28 06:00 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2016-06-14 20:08 - 2016-05-28 05:59 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2016-06-14 20:08 - 2016-05-28 05:58 - 07832576 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-06-14 20:08 - 2016-05-28 05:58 - 04896256 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-06-14 20:08 - 2016-05-28 05:58 - 02755584 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-06-14 20:08 - 2016-05-28 05:58 - 02066432 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2016-06-14 20:08 - 2016-05-28 05:57 - 02281472 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-06-14 20:08 - 2016-05-28 05:55 - 01390080 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Shell.dll
2016-06-14 20:08 - 2016-05-28 05:53 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\ngcpopkeysrv.dll
2016-06-14 19:50 - 2016-06-14 19:50 - 00001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2016-06-14 19:50 - 2016-06-14 19:50 - 00001220 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-07-10 12:38 - 2016-02-27 23:28 - 00001144 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-10 12:38 - 2016-02-27 23:28 - 00001140 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-10 12:37 - 2016-02-27 23:22 - 01909068 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-10 12:37 - 2015-10-30 20:35 - 00817138 _____ C:\Windows\system32\perfh007.dat
2016-07-10 12:37 - 2015-10-30 20:35 - 00172644 _____ C:\Windows\system32\perfc007.dat
2016-07-10 12:37 - 2015-10-30 09:21 - 00000000 ____D C:\Windows\INF
2016-07-10 12:32 - 2016-03-05 16:08 - 00004166 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{42188E08-F75C-4F15-BB9B-3934F8C818AA}
2016-07-10 12:32 - 2016-02-28 00:03 - 00000000 ___RD C:\Users\eva\Creative Cloud Files
2016-07-10 12:32 - 2016-02-28 00:03 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-07-10 12:32 - 2016-02-27 23:58 - 00000000 ____D C:\Users\eva\AppData\Local\Adobe
2016-07-10 12:31 - 2016-06-07 20:07 - 00000000 ___RD C:\Users\eva\iCloudDrive
2016-07-10 12:31 - 2016-05-24 19:19 - 00000000 ____D C:\ProgramData\NVIDIA
2016-07-10 12:31 - 2016-02-27 23:22 - 00000000 ___RD C:\Users\eva\OneDrive
2016-07-10 12:31 - 2016-02-27 23:14 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-10 12:30 - 2015-10-30 08:28 - 00786432 ___SH C:\Windows\system32\config\BBI
2016-07-10 12:27 - 2016-02-27 23:28 - 00002468 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-07-10 12:27 - 2016-02-27 23:28 - 00002456 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-07-10 11:51 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\AppReadiness
2016-07-10 11:46 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-10 04:45 - 2016-05-13 19:36 - 00001205 _____ C:\Users\eva\Desktop\sublime text 3.lnk
2016-07-10 04:41 - 2016-02-27 23:16 - 00000000 ____D C:\Users\eva
2016-07-10 00:16 - 2016-03-03 15:54 - 00000000 ____D C:\Users\eva\AppData\Local\Apps\2.0
2016-07-09 21:22 - 2016-04-15 18:30 - 00000000 ____D C:\Users\eva\AppData\Roaming\vlc
2016-07-09 21:20 - 2016-02-27 23:20 - 00000000 ____D C:\Users\eva\AppData\Local\Packages
2016-07-09 16:41 - 2016-02-28 19:32 - 00007224 _____ C:\Users\eva\.bash_history
2016-07-09 16:40 - 2016-02-28 19:27 - 00000000 ____D C:\Users\eva\.vagrant.d
2016-07-09 10:59 - 2016-03-02 14:39 - 00001346 _____ C:\Users\eva\Desktop\homestead        vagrant up.lnk
2016-07-09 10:59 - 2016-02-28 14:05 - 00000000 ____D C:\Users\eva\.VirtualBox
2016-07-08 22:08 - 2016-03-03 00:54 - 00000000 ____D C:\Users\eva\AppData\Roaming\FileZilla
2016-07-08 20:14 - 2016-03-04 23:31 - 00000000 ____D C:\Users\eva\AppData\Local\Composer
2016-07-08 14:46 - 2016-02-28 15:17 - 00000000 ____D C:\Users\eva\AppData\Roaming\Composer
2016-07-07 13:55 - 2016-05-19 19:51 - 00000000 ____D C:\Users\eva\Documents\KunstKateVolksdorf
2016-07-07 11:46 - 2016-02-28 14:45 - 00000000 ____D C:\php
2016-07-07 10:00 - 2016-03-17 22:09 - 00001421 _____ C:\Users\eva\Desktop\PhpStorm 2016.1.lnk
2016-07-07 02:39 - 2016-02-28 14:27 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-07-05 09:22 - 2016-03-03 18:40 - 00000000 ____D C:\Users\eva\AppData\Local\CrashDumps
2016-07-05 09:16 - 2016-02-29 01:06 - 00000000 ____D C:\Users\Public\Documents\VR-NetWorld
2016-07-01 14:07 - 2016-02-28 14:05 - 00000799 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2016-06-29 13:49 - 2016-03-03 00:54 - 00000961 _____ C:\Users\Public\Desktop\FileZilla Client.lnk
2016-06-29 13:49 - 2016-03-03 00:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2016-06-28 17:21 - 2016-02-28 14:05 - 00917032 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2016-06-28 17:21 - 2016-02-28 14:05 - 00143568 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2016-06-25 17:58 - 2016-06-07 22:32 - 00000000 ____D C:\Users\eva\Documents\adressen
2016-06-25 14:28 - 2016-02-29 01:22 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-06-23 18:29 - 2016-02-28 00:11 - 00000000 ____D C:\Users\eva\Documents\Adobe
2016-06-23 18:29 - 2016-02-27 23:20 - 00000000 ____D C:\Users\eva\AppData\Roaming\Adobe
2016-06-23 15:16 - 2016-02-27 23:20 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-06-23 10:06 - 2016-03-31 16:50 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2016-06-22 22:58 - 2016-04-21 21:39 - 00000000 ____D C:\Program Files (x86)\TomTom
2016-06-22 22:57 - 2016-04-21 21:42 - 54989144 _____ C:\Users\eva\Downloads\TomTomMySportsConnectInstaller.exe
2016-06-21 16:17 - 2016-02-28 00:09 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-06-21 16:17 - 2016-02-28 00:09 - 00000000 ____D C:\Program Files\Adobe
2016-06-17 23:48 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\rescache
2016-06-17 23:24 - 2016-03-26 15:49 - 00000000 ____D C:\Users\eva\Downloads\bootstrap-3.3.6-dist
2016-06-17 17:22 - 2015-10-30 09:11 - 00000000 ____D C:\Windows\CbsTemp
2016-06-15 00:31 - 2016-02-27 23:11 - 04890512 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-15 00:26 - 2015-10-30 09:24 - 00000000 ___SD C:\Windows\system32\DiagSvcs
2016-06-15 00:26 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2016-06-15 00:26 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\bcastdvr
2016-06-14 21:40 - 2016-02-28 14:25 - 00000000 ____D C:\Windows\system32\MRT
2016-06-14 21:36 - 2016-02-28 14:25 - 142482544 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-06-14 20:33 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-14 20:33 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-14 19:50 - 2016-02-28 00:01 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-06-14 19:43 - 2016-03-03 15:54 - 00000000 ____D C:\Users\eva\AppData\Local\Deployment
2016-06-13 00:42 - 2016-03-08 16:37 - 00000000 ____D C:\Program Files (x86)\VR-NetWorld

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2010-08-28 22:43 - 2010-08-28 22:43 - 0577335 ____N () C:\Users\eva\AppData\Roaming\adb.exe
2010-08-28 22:43 - 2010-08-28 22:43 - 0096256 ____N (Google, inc) C:\Users\eva\AppData\Roaming\AdbWinApi.dll
2010-08-28 22:43 - 2010-08-28 22:43 - 0060928 ____N (Google, inc) C:\Users\eva\AppData\Roaming\AdbWinUsbApi.dll
2016-06-28 03:12 - 2016-06-28 03:12 - 0314434 ____N () C:\Users\eva\AppData\Roaming\EYapp.apk
2010-08-28 22:43 - 2010-08-28 22:43 - 0356009 ____N () C:\Users\eva\AppData\Roaming\fastboot.exe
2016-03-19 15:33 - 2016-03-19 20:23 - 0000600 _____ () C:\Users\eva\AppData\Roaming\winscp.rnd
2016-06-23 20:09 - 2016-06-23 20:09 - 0003584 _____ () C:\Users\eva\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-03-19 14:25 - 2016-04-22 23:48 - 0000600 _____ () C:\Users\eva\AppData\Local\PUTTY.RND
2016-03-20 21:05 - 2016-03-20 21:05 - 0000057 _____ () C:\ProgramData\Ament.ini

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\eva\vercolystecuyConfiguration.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-07-03 17:09

==================== Ende von FRST.txt ============================
         
weiteres im nächsten post

Alt 10.07.2016, 13:04   #2
M-K-D-B
/// TB-Ausbilder
 
MPC Cleaner läßt sich nicht deinstallieren + Browser Umleitungen - windows 10 - Standard

MPC Cleaner läßt sich nicht deinstallieren + Browser Umleitungen - windows 10






Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:
  • Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  • Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  • Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  • Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
  • Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
  • Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort als Administrator zu starten!
  • Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.



Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!









Schritt 1
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.







Schritt 2
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).






Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.







Schritt 4
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von MBAM,
  • die Logdatei von AdwCleaner,
  • die Logdatei von JRT,
  • die beiden neuen Logdateien von FRST.
__________________


Alt 10.07.2016, 14:26   #3
quincycato
 
MPC Cleaner läßt sich nicht deinstallieren + Browser Umleitungen - windows 10 - Standard

MPC Cleaner läßt sich nicht deinstallieren + Browser Umleitungen - win10pro



Hallo,
und hier der zweite Teil, der Addition log:

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 09-07-2016
durchgeführt von eva (2016-07-10 12:47:24)
Gestartet von C:\Users\eva\Desktop
Windows 10 Pro Version 1511 (X64) (2016-02-27 21:15:50)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1764389191-2749221916-298074052-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1764389191-2749221916-298074052-503 - Limited - Disabled)
eva (S-1-5-21-1764389191-2749221916-298074052-1001 - Administrator - Enabled) => C:\Users\eva
Gast (S-1-5-21-1764389191-2749221916-298074052-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.7.0.272 - Adobe Systems Incorporated)
Adobe InDesign CC 2015 (HKLM-x32\...\{DBFD0312-6E55-1014-8952-E78D43BC0147}) (Version: 11.4.0.090 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.6 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2015.3 (HKLM-x32\...\AME_10_3_0) (Version: 10.3.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015.5 (HKLM-x32\...\PHSP_17_0) (Version: 17.0.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015.3 (HKLM-x32\...\PPRO_10_3_0) (Version: 10.3.0 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{981F324E-98F4-4784-B76F-04E92039F3F6}) (Version: 5.2.60328.3 - Microsoft Corporation)
Astrocontact Astroplus (HKLM-x32\...\Astrocontact Astroplus Demo_is1) (Version:  - Astrocontact Software)
ASUS GPU TweakII (HKLM-x32\...\InstallShield_{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.0.8.1 - ASUSTek COMPUTER INC.)
ASUS GPU TweakII (x32 Version: 1.0.8.1 - ASUSTek COMPUTER INC.) Hidden
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.026 - ASUSTek Computer Inc.)
Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.51210.80 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build Tools for Windows 10 - ENU (x32 Version: 14.0.25219 - Microsoft Corporation) Hidden
Build Tools for Windows 10 (x32 Version: 14.0.25219 - Microsoft Corporation) Hidden
CodedUITestUAP (x32 Version: 14.0.25219 - Microsoft Corporation) Hidden
Composer - Php Dependency Manager (HKLM-x32\...\{7315AF68-E777-496A-A6A2-4763A98ED35A}_is1) (Version:  - getcomposer.org)
Devenv-Ressourcen für Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Dotfuscator and Analytics Community Edition 5.19.1 (x32 Version: 5.19.1.3091 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack 5.19.1 de-DE (x32 Version: 5.19.1.3091 - PreEmptive Solutions) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 17.3.19290 - Landesfinanzdirektion Thüringen)
FileZilla Client 3.19.0 (HKLM-x32\...\FileZilla Client) (Version: 3.19.0 - Tim Kosse)
FRITZ!Box USB-Fernanschluss (HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\2db37667170956ee) (Version: 2.3.3.2 - AVM Berlin)
Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2015 Sprachpaket (DEU) - v1.7 (x32 Version: 1.7.40113.5 - Microsoft Corporation) Hidden
Git version 2.7.2 (HKLM\...\Git_is1) (Version: 2.7.2 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
HP Deskjet 3520 series - Grundlegende Software für das Gerät (HKLM\...\{15B2F0E3-3FAC-4495-B0FD-398EECFA4100}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3520 series Hilfe (HKLM-x32\...\{6B953497-169C-4929-9AA9-A9F510347468}) (Version: 27.0.0 - Hewlett Packard)
HP Deskjet 3520 series Setup Guide (HKLM-x32\...\{AEEDCEB7-00B8-4BE1-B492-AB04803D5F1E}) (Version: 27.0.0 - Hewlett Packard)
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version:  - )
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
hppP1100P1560P1600SeriesLaserJetService (x32 Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppusgP1100P1560P1600Series (x32 Version: 1.0.0.1 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
iCloud (HKLM\...\{ADFDB647-35C0-4254-9EE6-2D9C3B7104BD}) (Version: 5.2.1.69 - Apple Inc.)
IDE Tools for Windows 10 - ENU (x32 Version: 14.0.25219 - Microsoft Corporation) Hidden
IDE Tools for Windows 10 (x32 Version: 14.0.25219 - Microsoft Corporation) Hidden
Intellisense Lang Pack Mobile Extension SDK 10.0.10586.0 (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.42 - Irfan Skiljan)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
JetBrains PhpStorm 10.0.3 (HKLM-x32\...\PhpStorm 10.0.3) (Version: 143.1770 - JetBrains s.r.o.)
JetBrains PhpStorm 145.184.39 (HKLM-x32\...\PhpStorm 145.184.39) (Version: 145.184.39 - JetBrains s.r.o.)
JetBrains PhpStorm 2016.1 (HKLM-x32\...\PhpStorm 2016.1) (Version: 145.258.2 - JetBrains s.r.o.)
JetBrains PhpStorm 2016.1.1 (HKLM-x32\...\PhpStorm 2016.1.1) (Version: 145.969.15 - JetBrains s.r.o.)
Kits Configuration Installer (x32 Version: 10.1.10586.212 - Microsoft) Hidden
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25123 - Microsoft Corporation)
Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.25123 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects  (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Transact-SQL ScriptDom  (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 T-SQL Language Service  (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 mit Update 2 (HKLM-x32\...\{f2892dc5-7ac2-4ae4-a296-b5b159f61255}) (Version: 14.0.25123.0 - Microsoft Corporation)
Mit C# erstellte geräteübergreifende Hybrid-Apps - Vorlagen - DEU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.1.0 - Mozilla)
Mozilla Thunderbird 45.1.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.1.0 (x86 de)) (Version: 45.1.0 - Mozilla)
Mozilla Thunderbird 45.2.0 (x86 de) (HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\Mozilla Thunderbird 45.2.0 (x86 de)) (Version: 45.2.0 - Mozilla)
MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.25123 - Microsoft Corporation) Hidden
Node.js (HKLM\...\{7EB9C851-997C-4B84-BE81-D064FA62B0D4}) (Version: 5.10.1 - Node.js Foundation)
NVIDIA 3D Vision Controller-Treiber 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.39 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.39 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.14 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
OpenOffice 4.1.2 (HKLM-x32\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation)
OpenOffice 4.1.2 Language Pack (German) (HKLM-x32\...\{E0E6DB8D-D2B1-4A0B-A09C-44DBC09BF499}) (Version: 4.12.9782 - Apache Software Foundation)
Oracle VM VirtualBox 5.0.24 (HKLM\...\{BA15D402-19CA-493E-958B-170A0C446F25}) (Version: 5.0.24 - Oracle Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM-x32\...\{3F514FDC-F0F2-3B99-86D6-F7B3A2679B39}) (Version: 4.5.51209 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6 (Deutsch) (HKLM-x32\...\{FACF2669-E25A-428A-9167-5EEDE741F3B9}) (Version: 4.6.00127 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation)
PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Project and Item Templates for Visual Studio Express 2015 for Windows 10 - ENU (x32 Version: 14.0.25219 - Microsoft Corporation) Hidden
Project and Item Templates for Visual Studio Professionald 2015 - ENU (x32 Version: 14.0.25219 - Microsoft Corporation) Hidden
PuTTY release 0.67 (HKLM-x32\...\PuTTY_is1) (Version: 0.67 - Simon Tatham)
Python 3.5.1 (32-bit) (HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\{c39d559b-aa83-4476-ba20-988a35a1199a}) (Version: 3.5.1150.0 - Python Software Foundation)
Python 3.5.1 Add to Path (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Core Interpreter (32-bit debug) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Core Interpreter (32-bit symbols) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Core Interpreter (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Development Libraries (32-bit debug) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Development Libraries (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Documentation (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Executables (32-bit debug) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Executables (32-bit symbols) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Executables (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Launcher (32-bit) (HKLM-x32\...\{17778F7B-FB5A-4A93-9719-D75BAF673498}) (Version: 3.5.150.0 - Python Software Foundation)
Python 3.5.1 pip Bootstrap (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Standard Library (32-bit debug) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Standard Library (32-bit symbols) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Standard Library (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Tcl/Tk Support (32-bit debug) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Tcl/Tk Support (32-bit symbols) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Tcl/Tk Support (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Test Suite (32-bit debug) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Test Suite (32-bit symbols) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Test Suite (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Utility Scripts (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Roslyn Language Services - x86 (x32 Version: 14.0.25123 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (x32 Version: 14.0.25132 - Microsoft Corporation) Hidden
Screen Split (HKLM-x32\...\{7F0C2357-33B0-4408-A9AD-A7623FAA22B1}) (Version: 6.57 - LG Electronics Inc.)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Sublime Text Build 3114 (HKLM\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
Team Explorer for Microsoft Visual Studio 2015 Update 2 (x32 Version: 14.95.25118 - Microsoft) Hidden
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
trotux - Uninstall (HKLM-x32\...\{AC955DA7-5091-4E6D-8330-19D5C2BDBF51}) (Version:  - ) <==== ACHTUNG
TypeScript Power Tool (x32 Version: 1.8.9.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.8.31.0 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Redistributable (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Vagrant (HKLM-x32\...\{46269A3F-7DFD-4920-AC45-B598BEA166AA}) (Version: 1.8.4 - HashiCorp)
Visual Studio 2015 Update 2 (KB3022398) (HKLM-x32\...\{78c1b501-a6eb-4f29-88c5-84189564827e}) (Version: 14.0.25123 - Microsoft Corporation)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VR-NetWorld (HKLM-x32\...\{8815F011-43AF-4F50-BBD8-D78ED3D6F5B9}) (Version:  - )
VR-NetWorld Software (HKLM-x32\...\{084798D2-33EF-42CC-A925-970AF222898B}) (Version: 6.00.17 - Volksbanken Raiffeisenbanken)
VS Update core components (x32 Version: 14.0.25123 - Microsoft Corporation) Hidden
vs_update2notification (x32 Version: 14.0.25132 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
WCF Data Services 5.6.4 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WinAppDeploy (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Windows 7 Games for Windows 8 and 10 (HKLM-x32\...\MicrosoftGamesForWin8) (Version: 1.1.0.10 - )
Windows SDK AddOn (HKLM-x32\...\{75C39BA6-1D02-4BEA-844F-0EA6C4B7FA1B}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.10586.212 (HKLM-x32\...\{43d9f43d-c90b-4fdf-9dfe-ecf9990bfa2a}) (Version: 10.1.10586.212 - Microsoft Corporation)
WinRT Intellisense Desktop - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense Xbox Live Extension SDK - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense Xbox Live Extension SDK - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinSCP 5.7.7 (HKLM-x32\...\winscp3_is1) (Version: 5.7.7 - Martin Prikryl)
XSplit Gamecaster (HKLM-x32\...\{8915913F-E4AF-46C5-B4EF-3535D83BFFDE}) (Version: 2.5.1507.3018 - SplitmediaLabs)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1764389191-2749221916-298074052-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-6B46570F42A0}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1764389191-2749221916-298074052-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\eva\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1764389191-2749221916-298074052-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {2592BE6C-EB83-4210-955F-9EF63AF3AE48} - System32\Tasks\AdobeAAMUpdater-1.0-EVASCOMPUTER-eva => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-05-05] (Adobe Systems Incorporated)
Task: {2C3F4CEB-C0DF-4C22-B512-5BBC28EEF5E5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-27] (Google Inc.)
Task: {31ED907D-68F0-415A-B9D2-8597C8237F1A} - System32\Tasks\Coacuiedclernege Module => C:\Program Files (x86)\Stabily\CoacuiedclernegeModuleanaferchatinay.exe [2016-07-09] ()
Task: {3AC0ED25-46DC-4FAC-9DA9-4176A4C9C6BF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-06-14] (Microsoft Corporation)
Task: {5BF4B8EA-FB8A-4EA7-99CE-107B4A8607A5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {7AD13281-AD72-41DF-8929-E21AF802BB5D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-27] (Google Inc.)
Task: {86DDD67D-EE19-40BD-A8CA-DABAB8E388A3} - System32\Tasks\tasklist => C:\Users\eva\AppData\Roaming\UPUpdata\service72564.exe
Task: {8CD26B33-7E15-4589-916D-13D6DC08231B} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-03-25] (ASUSTek Computer Inc.)
Task: {A0871AE6-A033-4957-87C3-2C5B88791DAC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {AC5538EE-4D21-46A2-927D-4E927DF78F8F} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-eva*******.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-05-05] (Adobe Systems Incorporated)
Task: {CBD9382E-8B06-4AF1-AB9F-8AF43442AD83} - System32\Tasks\{FBAB2A37-92E4-40C1-BE7F-FE68411ACADE} => pcalua.exe -a "C:\Program Files\ZipTool\Uninstall.exe" -c -m=control
Task: {F4C32A4B-B0A7-407C-BF14-4096F856B31C} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => F:\programmie\VisualStudio\Common7\IDE\VSIXAutoUpdate.exe [2016-05-15] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

WMI_ActiveScriptEventConsumer_ASEC: <===== ACHTUNG

ShortcutWithArgument: C:\Users\eva\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --load-extension="C:\Users\eva\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://yeabests.cc
ShortcutWithArgument: C:\Users\eva\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --load-extension="C:\Users\eva\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://yeabests.cc
ShortcutWithArgument: C:\Users\eva\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\8c6fe9a0a65c7f37\Google Chrome.lnk -> C:\Users\eva\AppData\Local\Google\Chrome\User Data\gequlywefegeretaward\Google Profile.ico () -> --profile-directory=gequlywefegeretaward
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --load-extension="C:\Users\eva\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://yeabests.cc
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --load-extension="C:\Users\eva\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://yeabests.cc

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:17 - 2015-10-30 09:17 - 00028672 _____ () C:\Windows\SYSTEM32\efsext.dll
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\Windows\SYSTEM32\ism32k.dll
2016-05-24 19:19 - 2016-06-03 05:59 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-03-24 21:07 - 2012-08-31 16:03 - 00288768 ____N () C:\Windows\System32\HP1100LM.DLL
2016-03-24 21:15 - 2012-08-31 16:02 - 00074240 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HP1100PP.DLL
2016-07-10 00:17 - 2016-07-10 00:16 - 00695296 _____ () C:\ProgramData\CloudPrinter\CloudPrinter.exe
2015-08-18 22:31 - 2015-08-18 22:31 - 00048640 _____ () C:\Windows\SysWOW64\ASGT.exe
2016-05-24 20:45 - 2016-05-02 07:54 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-05-24 20:45 - 2016-05-02 07:55 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-05-24 20:45 - 2016-05-02 07:54 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-05-24 20:45 - 2016-05-02 07:55 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-05-19 16:41 - 2016-05-19 16:41 - 00134656 _____ () C:\Users\eva\AppData\Local\Apps\2.0\abril.exe
2016-05-24 20:45 - 2016-05-02 07:55 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-05-24 20:45 - 2016-05-02 07:55 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-05-24 20:45 - 2016-05-02 07:55 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-05-24 20:45 - 2016-05-02 07:55 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-05-24 20:45 - 2016-05-02 07:54 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-05-24 20:45 - 2016-05-02 07:54 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-04-12 19:44 - 2016-03-29 12:20 - 02656952 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-04-12 19:44 - 2016-03-29 12:20 - 02656952 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-05-22 19:33 - 2016-05-22 19:33 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-05-24 17:43 - 2016-05-24 17:43 - 00959168 _____ () C:\Users\eva\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-02-28 15:17 - 2013-11-22 17:10 - 00103880 _____ () C:\Program Files (x86)\ComposerSetup\shellext64.dll
2016-04-19 17:32 - 2016-04-19 17:33 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-02-28 14:24 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-10 23:29 - 2016-04-23 06:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-06-14 20:08 - 2016-05-28 05:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-06-14 20:08 - 2016-05-28 05:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-06-14 20:08 - 2016-05-28 05:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-06-14 20:08 - 2016-05-28 05:56 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-05-22 19:32 - 2016-05-22 19:32 - 31680176 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2016-04-19 17:32 - 2016-04-19 17:33 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 17:32 - 2016-04-19 17:33 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-05-24 19:32 - 2016-05-02 08:02 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-05-24 17:43 - 2016-05-24 17:43 - 00679624 _____ () C:\Users\eva\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2016-06-20 15:16 - 2016-06-20 15:16 - 00016896 _____ () C:\Program Files (x86)\TomTom\MySportsConnect\DeviceDetection.dll
2016-06-20 15:19 - 2016-06-20 15:19 - 01076736 _____ () C:\Program Files (x86)\TomTom\MySportsConnect\ContentManager.dll
2016-06-20 15:16 - 2016-06-20 15:16 - 00019968 _____ () C:\Program Files (x86)\TomTom\MySportsConnect\TomTomSupporterBase.dll
2016-06-20 15:19 - 2016-06-20 15:19 - 00028672 _____ () C:\Program Files (x86)\TomTom\MySportsConnect\QtSolutions_SingleApplication.dll
2016-06-20 15:17 - 2016-06-20 15:17 - 00109568 _____ () C:\Program Files (x86)\TomTom\MySportsConnect\kqoauth.dll
2016-06-20 15:16 - 2016-06-20 15:16 - 00017920 _____ () C:\Program Files (x86)\TomTom\MySportsConnect\TimeParse.dll
2016-04-22 01:08 - 2016-04-22 01:08 - 01047864 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-04-22 01:08 - 2016-04-22 01:08 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 00244024 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-06-03 03:36 - 2016-06-03 03:36 - 40523456 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2015-03-17 02:34 - 2015-03-17 02:34 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\de_de\acrotray.deu
2009-08-04 18:23 - 2009-08-04 18:23 - 00063032 _____ () C:\Program Files (x86)\HP\HP UT LEDM\bin\HPTools.dll
2009-08-04 18:23 - 2009-08-04 18:23 - 00075320 _____ () C:\Program Files (x86)\HP\HP UT LEDM\bin\HPToolkit.dll
2016-06-27 17:22 - 2016-06-27 17:22 - 00048816 _____ () F:\programme\FileZilla FTP Client\fzshellext.dll
2016-06-08 00:10 - 2016-06-08 00:10 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2016-06-08 00:10 - 2016-06-08 00:10 - 00205824 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2016-06-08 00:10 - 2016-06-08 00:10 - 00117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2016-06-08 00:10 - 2016-06-08 00:10 - 00125440 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2016-06-08 00:41 - 2016-06-08 00:41 - 00098496 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2016-06-08 00:10 - 2016-06-08 00:10 - 00166400 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2016-05-20 17:30 - 2016-05-20 17:30 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\fs-ext\build\Release\fs-ext.node
2016-05-20 17:30 - 2016-05-20 17:30 - 00121344 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ref\build\Release\binding.node
2016-05-20 17:31 - 2016-05-20 17:31 - 00126464 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ffi\build\Release\ffi_bindings.node
2016-05-20 17:31 - 2016-05-20 17:31 - 00223232 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2016-06-03 03:20 - 2016-06-03 03:20 - 00098496 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2016-05-20 17:30 - 2016-05-20 17:30 - 00121856 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\bufferutil\build\Release\bufferutil.node
2016-05-20 17:29 - 2016-05-20 17:29 - 00166400 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\idle-gc\build\Release\idle-gc.node
2016-06-17 23:39 - 2016-06-15 11:15 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
2016-06-17 23:39 - 2016-06-15 11:15 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-10-30 09:24 - 2016-07-10 02:50 - 00001331 ____A C:\Windows\system32\Drivers\etc\hosts

192.168.10.10       phpmyadmin.dev
192.168.10.11  		moiekraam.dev
192.168.10.10  		gedok_drei.dev
192.168.10.10  		katesieben2015.dev
192.168.10.10  		katesechs2015.dev
192.168.10.10  		kateacht2015.dev
192.168.10.10  		kateneun2015.dev
192.168.10.10  		KateEins2016Spark.dev
192.168.10.10  		schuermann.dev
192.168.10.10  		MoieLanding2.dev
192.168.10.10  		katezwei2016.dev
192.168.10.10  		katedrei2016.dev
192.168.10.10  		lw-2016-KatenBlog.dev
192.168.10.10  		wp.lw-2016-KatenBlog.dev

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1764389191-2749221916-298074052-1001\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "EYAN"
HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\StartupApproved\Run: => "msiql"
HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\StartupApproved\Run: => "QGuan10in1"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [TCP Query User{784112A9-A3C6-4BDD-9ED8-46BA7A307E24}F:\programmie\virtualboxwin10\vboxheadless.exe] => (Allow) F:\programmie\virtualboxwin10\vboxheadless.exe
FirewallRules: [UDP Query User{241D35D6-8731-4CA8-984E-422512C48EE2}F:\programmie\virtualboxwin10\vboxheadless.exe] => (Allow) F:\programmie\virtualboxwin10\vboxheadless.exe
FirewallRules: [{F4A6582C-1073-4442-B4E6-948D9130B9AD}] => (Allow) C:\Users\eva\AppData\Local\Apps\2.0\62J1R0O9.AQA\R005Z9K4.V1V\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe
FirewallRules: [{71550C36-8C38-4023-83EC-50DF5EF66FD3}] => (Allow) C:\Users\eva\AppData\Local\Apps\2.0\62J1R0O9.AQA\R005Z9K4.V1V\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe
FirewallRules: [TCP Query User{DFCB7EEF-64DC-4E38-8411-9043634D4B97}C:\users\eva\appdata\local\apps\2.0\62j1r0o9.aqa\r005z9k4.v1v\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe] => (Allow) C:\users\eva\appdata\local\apps\2.0\62j1r0o9.aqa\r005z9k4.v1v\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe
FirewallRules: [UDP Query User{03CDE024-49F7-4AFE-A14D-EAA929A2C7B3}C:\users\eva\appdata\local\apps\2.0\62j1r0o9.aqa\r005z9k4.v1v\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe] => (Allow) C:\users\eva\appdata\local\apps\2.0\62j1r0o9.aqa\r005z9k4.v1v\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe
FirewallRules: [{9BBACB26-BB64-4EAF-AFBD-1BA7B4124F78}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\DeviceSetup.exe
FirewallRules: [{2DC9576D-28D8-472D-8433-6962859A39FE}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{8ED3AD6D-AB33-4C31-AF5B-BDBA2D5976AF}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{2981F380-867B-4867-903E-E4D3288068C9}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{B8C0C8A8-1219-4229-AD8F-DB01EB2E1F3A}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{20BB3DA7-B517-4182-BBDF-D11DF0A54F1D}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{F7F92C6B-1E55-4E50-805F-174271A587BA}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{BA72B91B-ED78-4851-8100-2E5F36CA6479}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{B3CB3673-4F10-4074-8417-C72C7249F17D}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{85A1331A-1F28-4627-91A0-3319129B2E2C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{826AD43B-2EB6-40C8-B0B4-8C986844D993}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{9333F9D2-6F7D-4966-A834-BA7B8789FDF2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{C2816592-6068-43F3-B12B-4AA4168A5745}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{21F23D24-9663-44FF-B24E-F683694D9BB9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{44EB0A33-6357-430D-A878-9451A45E104F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{814CA135-EA5C-4B63-B4A4-9EFE6F306F2D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B690A38D-BEF2-47CF-905F-1E639DF45DA8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{47251C24-8FF7-4958-AEF9-42F31057750F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{06859BF8-A87B-4669-AFF7-A4831A25E8E6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5BBA4D12-2EBE-4318-9275-A5BE63B151BB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B4BE8013-364F-4C28-A149-C37A9F2D52D6}] => (Allow) F:\programmie\VisualStudio\Common7\IDE\devenv.exe
FirewallRules: [{CA974891-3E95-4F3D-9908-67B01417506B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{CABD434D-12EF-46ED-8836-FCBDDDF2E21C}F:\programme\vlc\vlc.exe] => (Allow) F:\programme\vlc\vlc.exe
FirewallRules: [UDP Query User{BB3447DA-0C58-4DC8-8D93-F702EE4E50E9}F:\programme\vlc\vlc.exe] => (Allow) F:\programme\vlc\vlc.exe
FirewallRules: [{CCE4E61E-3B78-40C8-84BC-5CA0D7448E50}] => (Allow) C:\Program Files (x86)\GreatMaker\MaohaWiFi\MaohaWifiSvr.exe
FirewallRules: [{5AF5EAF8-AFDD-4335-B666-8593FBD2070E}] => (Allow) C:\Program Files (x86)\GreatMaker\MaohaWiFi\DrvUpdate.exe

==================== Wiederherstellungspunkte =========================

22-06-2016 09:03:53 Geplanter Prüfpunkt
25-06-2016 14:28:33 Installiert Screen Split
01-07-2016 14:07:10 Installed Oracle VM VirtualBox 5.0.24
07-07-2016 12:47:18 AMDCleanupUtility Restore Point

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Coprozessor
Description: Coprozessor
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/10/2016 12:41:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nsh70D1.exe, Version: 0.0.0.0, Zeitstempel: 0x578224d8
Name des fehlerhaften Moduls: nsh70D1.exe, Version: 0.0.0.0, Zeitstempel: 0x578224d8
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00013146
ID des fehlerhaften Prozesses: 0x20b8
Startzeit der fehlerhaften Anwendung: 0xnsh70D1.exe0
Pfad der fehlerhaften Anwendung: nsh70D1.exe1
Pfad des fehlerhaften Moduls: nsh70D1.exe2
Berichtskennung: nsh70D1.exe3
Vollständiger Name des fehlerhaften Pakets: nsh70D1.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: nsh70D1.exe5

Error: (07/10/2016 12:41:11 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: nsh70D1.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: Ausnahmecode c0000005, Ausnahmeadresse 00E03146
Stapel:

Error: (07/10/2016 04:21:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nsr710F.exe, Version: 0.0.0.0, Zeitstempel: 0x5781ad51
Name des fehlerhaften Moduls: nsr710F.exe, Version: 0.0.0.0, Zeitstempel: 0x5781ad51
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00013146
ID des fehlerhaften Prozesses: 0x204c
Startzeit der fehlerhaften Anwendung: 0xnsr710F.exe0
Pfad der fehlerhaften Anwendung: nsr710F.exe1
Pfad des fehlerhaften Moduls: nsr710F.exe2
Berichtskennung: nsr710F.exe3
Vollständiger Name des fehlerhaften Pakets: nsr710F.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: nsr710F.exe5

Error: (07/10/2016 04:21:14 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: nsr710F.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: Ausnahmecode c0000005, Ausnahmeadresse 00053146
Stapel:

Error: (07/10/2016 03:01:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nsk5FAA.exe, Version: 0.0.0.0, Zeitstempel: 0x57819843
Name des fehlerhaften Moduls: nsk5FAA.exe, Version: 0.0.0.0, Zeitstempel: 0x57819843
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00013146
ID des fehlerhaften Prozesses: 0x13bc
Startzeit der fehlerhaften Anwendung: 0xnsk5FAA.exe0
Pfad der fehlerhaften Anwendung: nsk5FAA.exe1
Pfad des fehlerhaften Moduls: nsk5FAA.exe2
Berichtskennung: nsk5FAA.exe3
Vollständiger Name des fehlerhaften Pakets: nsk5FAA.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: nsk5FAA.exe5

Error: (07/10/2016 03:01:54 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: nsk5FAA.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: Ausnahmecode c0000005, Ausnahmeadresse 00223146
Stapel:

Error: (07/10/2016 12:25:56 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SystemHealer.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 8e4

Startzeit: 01d1da30a38e7863

Beendigungszeit: 4294967295

Anwendungspfad: C:\Program Files (x86)\SystemHealer\SystemHealer.exe

Berichts-ID: 1a12cd2d-4624-11e6-b242-bcaec528e8f5

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (07/10/2016 12:25:51 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm NarutoOnlinede.exe, Version 2.3.0.4222 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 9fc

Startzeit: 01d1da30b6acf11c

Beendigungszeit: 4294967295

Anwendungspfad: C:\Program Files (x86)\NarutoOnline\NarutoOnlinede.exe

Berichts-ID: 170962ad-4624-11e6-b242-bcaec528e8f5

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (07/10/2016 12:25:31 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm HealerConsole.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 16ec

Startzeit: 01d1da30a15e40de

Beendigungszeit: 4294967295

Anwendungspfad: C:\Program Files (x86)\SystemHealer\HealerConsole.exe

Berichts-ID: 0b149fea-4624-11e6-b242-bcaec528e8f5

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (07/10/2016 12:18:10 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm 79FA.tmp, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: d34

Startzeit: 01d1da2f9ace4cc4

Beendigungszeit: 4294967295

Anwendungspfad: C:\Windows\Temp\79FA.tmp

Berichts-ID: 0428f752-4623-11e6-b241-bcaec528e8f5

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:


Systemfehler:
=============
Error: (07/10/2016 12:33:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Coacuiedclernege Module" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2 = Das System kann die angegebene Datei nicht finden.


Error: (07/10/2016 12:31:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "mesuwebyzbt" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2 = Das System kann die angegebene Datei nicht finden.


Error: (07/10/2016 12:31:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "dowidoly" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2 = Das System kann die angegebene Datei nicht finden.


Error: (07/10/2016 12:29:52 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (07/10/2016 12:29:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Synchronisierungshost_909c7b erreicht.

Error: (07/10/2016 12:29:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Benutzerdatenspeicher _909c7b erreicht.

Error: (07/10/2016 12:29:01 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Benutzerdatenspeicher _909c7b" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056 = Es wird bereits eine Instanz des Dienstes ausgeführt.


Error: (07/10/2016 12:28:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_909c7b" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/10/2016 12:28:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _909c7b" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/10/2016 12:28:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_909c7b" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2016-07-10 12:48:55.189
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-10 12:48:55.174
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-10 12:42:54.366
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-10 12:42:54.351
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-10 12:39:41.179
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-10 12:39:41.164
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-10 12:39:40.739
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-10 12:39:40.723
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-10 12:39:10.721
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-10 12:39:10.703
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: AMD Phenom(tm) II X4 955 Processor
Prozentuale Nutzung des RAM: 36%
Installierter physikalischer RAM: 8191.17 MB
Verfügbarer physikalischer RAM: 5198.62 MB
Summe virtueller Speicher: 9471.17 MB
Verfügbarer virtueller Speicher: 6171.23 MB

==================== Laufwerke ================================

Drive c: (SSD500) (Fixed) (Total:465.76 GB) (Free:346.84 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (W-Elements) (Fixed) (Total:1397.26 GB) (Free:1106.8 GB) NTFS
Drive f: (zweite) (Fixed) (Total:931.51 GB) (Free:623.82 GB) NTFS
Drive x: () (Fixed) (Total:119.14 GB) (Free:29.08 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: FF67AEEB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 00510050)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 247A7B0F)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 1397.3 GB) (Disk ID: 0012A785)
Partition 1: (Not Active) - (Size=1397.3 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
und hier noch zwei logfile aus dem windows TMP Verzeichnis, die sagen, dass MPC als NetworkService läuft, MpCmdRun . log:
Code:
ATTFilter
-------------------------------------------------------------------------------------
MpCmdRun: Command Line: "C:\Program Files\Windows Defender\MpCmdRun.exe" SpyNetServiceDss -RestrictPrivileges -AccessKey A5F75E14-2394-DC1E-ABA5-05AF1FB01ED0
 Start Time: ‎So ‎Jul ‎10 ‎2016 04:06:20

Run as Network Service
MpCmdRun: End Time: ‎So ‎Jul ‎10 ‎2016 04:06:20
-------------------------------------------------------------------------------------


-------------------------------------------------------------------------------------
MpCmdRun: Command Line: "C:\Program Files\Windows Defender\MpCmdRun.exe" SpyNetServiceDss -RestrictPrivileges -AccessKey 9BF98ADA-AA59-69FF-0F8B-45372EABD77F
 Start Time: ‎So ‎Jul ‎10 ‎2016 04:11:28

Run as Network Service
MpCmdRun: End Time: ‎So ‎Jul ‎10 ‎2016 04:11:28
-------------------------------------------------------------------------------------


-------------------------------------------------------------------------------------
MpCmdRun: Command Line: "C:\Program Files\Windows Defender\MpCmdRun.exe" SignatureUpdate -ScheduleJob -RestrictPrivileges
 Start Time: ‎So ‎Jul ‎10 ‎2016 04:21:09

Run as Network Service
MpCmdRun: End Time: ‎So ‎Jul ‎10 ‎2016 04:21:09
-------------------------------------------------------------------------------------


-------------------------------------------------------------------------------------
MpCmdRun: Command Line: "C:\Program Files\Windows Defender\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey 101B8C3B-5C51-92E4-8D05-7801B60664C9
 Start Time: ‎So ‎Jul ‎10 ‎2016 12:31:26

Run as Network Service
MpCmdRun: End Time: ‎So ‎Jul ‎10 ‎2016 12:31:26
-------------------------------------------------------------------------------------


-------------------------------------------------------------------------------------
MpCmdRun: Command Line: "C:\Program Files\Windows Defender\MpCmdRun.exe" SignatureUpdate -ScheduleJob -RestrictPrivileges
 Start Time: ‎So ‎Jul ‎10 ‎2016 12:41:04

Run as Network Service
MpCmdRun: End Time: ‎So ‎Jul ‎10 ‎2016 12:41:04
         
und hier die zweite MpSigStub.log
Code:
ATTFilter
----------------------------------------------------------------------------------
Command:    MpSigStub.exe /program WD /q
Start time: 10.07.2016 04:16 (version 1.1.12939.0)

=================================== ProductSearch ==================================

                 Windows Defender:
         Status: Active           
        Product: 4.9.10586.0      
         Engine: 1.1.12902.0      
     Signatures: 1.225.1020.0     
     NIS Engine: 2.1.12706.0      
 NIS Signatures: 116.12.0.0       

================================ PackageDiscovery ================================

Package files discovered:
C:\Windows\Temp\5403879E02DD90A4DB2ACC30A3BF4EA5-Sigs\1.225.1020.0_TO_1.225.1028.0_MPASDLTA.VDM._P (?.?.?.?)
C:\Windows\Temp\5403879E02DD90A4DB2ACC30A3BF4EA5-Sigs\1.225.1020.0_TO_1.225.1028.0_MPAVDLTA.VDM._P (?.?.?.?)

               AM BDD:     
       Engine: Not included
  AS base VDM: Not included
  AV base VDM: Not included
 AS delta VDM: 1.225.1028.0
 AV delta VDM: 1.225.1028.0

================================ PatchApplication ================================

Patched mpasdlta.vdm to 1.225.1028.0
Patched mpavdlta.vdm to 1.225.1028.0

================================= MpUpdateEngine =================================

Package files for the engine update:
C:\Windows\Temp\5403879E02DD90A4DB2ACC30A3BF4EA5-Sigs\1.225.1020.0_TO_1.225.1028.0_MPASDLTA.VDM._P (?.?.?.?)
C:\Windows\Temp\5403879E02DD90A4DB2ACC30A3BF4EA5-Sigs\1.225.1020.0_TO_1.225.1028.0_MPAVDLTA.VDM._P (?.?.?.?)
C:\Windows\Temp\5403879E02DD90A4DB2ACC30A3BF4EA5-Sigs\mpasdlta.vdm (1.225.1028.0)
C:\Windows\Temp\5403879E02DD90A4DB2ACC30A3BF4EA5-Sigs\mpavdlta.vdm (1.225.1028.0)

Updated from C:\Windows\Temp\5403879E02DD90A4DB2ACC30A3BF4EA5-Sigs (0x0)

================================= ValidateUpdate =================================

MpSigStub successfully updated Windows Defender using the AM BDD package.

               Original:     Updated to: 
 AS delta VDM: 1.225.1020.0  1.225.1028.0
 AV delta VDM: 1.225.1020.0  1.225.1028.0

Set DeltaUpdateFailure to 0
Set BddUpdateFailure to 0
Deleted C:\Windows\Temp\5403879E02DD90A4DB2ACC30A3BF4EA5-Sigs\1.225.1020.0_TO_1.225.1028.0_MPASDLTA.VDM._P
Deleted C:\Windows\Temp\5403879E02DD90A4DB2ACC30A3BF4EA5-Sigs\1.225.1020.0_TO_1.225.1028.0_MPAVDLTA.VDM._P
End time: 10.07.2016 04:16
----------------------------------------------------------------------------------

----------------------------------------------------------------------------------
Command:    MpSigStub.exe /program WD /q
Start time: 10.07.2016 12:36 (version 1.1.12939.0)

=================================== ProductSearch ==================================

                 Windows Defender:
         Status: Active           
        Product: 4.9.10586.0      
         Engine: 1.1.12902.0      
     Signatures: 1.225.1028.0     
     NIS Engine: 2.1.12706.0      
 NIS Signatures: 116.12.0.0       

================================ PackageDiscovery ================================

Package files discovered:
C:\Windows\Temp\5403879E02DD90A4DB2ACC30A3BF4EA5-Sigs\1.225.1028.0_TO_1.225.1069.0_MPASDLTA.VDM._P (?.?.?.?)
C:\Windows\Temp\5403879E02DD90A4DB2ACC30A3BF4EA5-Sigs\1.225.1028.0_TO_1.225.1069.0_MPAVDLTA.VDM._P (?.?.?.?)

               AM BDD:     
       Engine: Not included
  AS base VDM: Not included
  AV base VDM: Not included
 AS delta VDM: 1.225.1069.0
 AV delta VDM: 1.225.1069.0

================================ PatchApplication ================================

Patched mpasdlta.vdm to 1.225.1069.0
Patched mpavdlta.vdm to 1.225.1069.0

================================= MpUpdateEngine =================================

Package files for the engine update:
C:\Windows\Temp\5403879E02DD90A4DB2ACC30A3BF4EA5-Sigs\1.225.1028.0_TO_1.225.1069.0_MPASDLTA.VDM._P (?.?.?.?)
C:\Windows\Temp\5403879E02DD90A4DB2ACC30A3BF4EA5-Sigs\1.225.1028.0_TO_1.225.1069.0_MPAVDLTA.VDM._P (?.?.?.?)
C:\Windows\Temp\5403879E02DD90A4DB2ACC30A3BF4EA5-Sigs\mpasdlta.vdm (1.225.1069.0)
C:\Windows\Temp\5403879E02DD90A4DB2ACC30A3BF4EA5-Sigs\mpavdlta.vdm (1.225.1069.0)

Updated from C:\Windows\Temp\5403879E02DD90A4DB2ACC30A3BF4EA5-Sigs (0x0)

================================= ValidateUpdate =================================

MpSigStub successfully updated Windows Defender using the AM BDD package.

               Original:     Updated to: 
 AS delta VDM: 1.225.1028.0  1.225.1069.0
 AV delta VDM: 1.225.1028.0  1.225.1069.0

Set DeltaUpdateFailure to 0
Set BddUpdateFailure to 0
Deleted C:\Windows\Temp\5403879E02DD90A4DB2ACC30A3BF4EA5-Sigs\1.225.1028.0_TO_1.225.1069.0_MPASDLTA.VDM._P
Deleted C:\Windows\Temp\5403879E02DD90A4DB2ACC30A3BF4EA5-Sigs\1.225.1028.0_TO_1.225.1069.0_MPAVDLTA.VDM._P
End time: 10.07.2016 12:36
----------------------------------------------------------------------------------
         
eva
*hofft und grüßt

sorry,
nach der Anleitung habe ich erst die FRST log gesandt.
werde die anderen gleich nachholen.

der mbamlog:
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 10.07.2016
Suchlaufzeit: 14:16
Protokolldatei: mbamlog.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.07.10.03
Rootkit-Datenbank: v2016.05.27.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: eva

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 362244
Abgelaufene Zeit: 25 Min., 4 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 5
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe, 2428, , [db8058ca4d4d122476f3d6bc58a92ed2]
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCTray.exe, 4916, , [fb602ef45f3b23139dcc70229968e51b]
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCTray64.exe, 4272, , [283367bbfb9fbc7a89e0a3ef07fa9f61]
PUP.Optional.Linkury.ACMB1, C:\ProgramData\CloudPrinter\CloudPrinter.exe, 2208, , [bc9f071b742639fde98d1bda16ed0af6]
PUP.Optional.ProntSpooler, C:\Users\eva\AppData\Local\Apps\2.0\abril.exe, 2532, , [d883e1414d4d68ce9d638d6c3fc4e818]

Module: 50
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, , [5b00df43ebaf93a35b0e157dc04116ea], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, , [5b00df43ebaf93a35b0e157dc04116ea], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, , [5b00df43ebaf93a35b0e157dc04116ea], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, , [5b00df43ebaf93a35b0e157dc04116ea], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, , [5b00df43ebaf93a35b0e157dc04116ea], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, , [5b00df43ebaf93a35b0e157dc04116ea], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, , [5b00df43ebaf93a35b0e157dc04116ea], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, , [5b00df43ebaf93a35b0e157dc04116ea], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, , [5b00df43ebaf93a35b0e157dc04116ea], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, , [5b00df43ebaf93a35b0e157dc04116ea], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, , [5b00df43ebaf93a35b0e157dc04116ea], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, , [5b00df43ebaf93a35b0e157dc04116ea], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, , [5b00df43ebaf93a35b0e157dc04116ea], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, , [5b00df43ebaf93a35b0e157dc04116ea], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, , [5b00df43ebaf93a35b0e157dc04116ea], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, , [5b00df43ebaf93a35b0e157dc04116ea], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, , [5b00df43ebaf93a35b0e157dc04116ea], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, , [5b00df43ebaf93a35b0e157dc04116ea], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, , [5b00df43ebaf93a35b0e157dc04116ea], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, , [5b00df43ebaf93a35b0e157dc04116ea], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, , [5b00df43ebaf93a35b0e157dc04116ea], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, , [5b00df43ebaf93a35b0e157dc04116ea], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\WinService.dll, , [be9d2df5e4b65cda5712dbb741c005fb], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\LpcManager.dll, , [43187fa39ffb39fdce9bb4de3cc5db25], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\LpcManager.dll, , [43187fa39ffb39fdce9bb4de3cc5db25], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\XProcessBus.dll, , [fa610121bfdb44f2e6835a3823de1fe1], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\XProcessBus.dll, , [fa610121bfdb44f2e6835a3823de1fe1], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Report.dll, , [5efd0b17f1a9af879ecb177b6d94a55b], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Report.dll, , [5efd0b17f1a9af879ecb177b6d94a55b], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\XBus.dll, , [6bf0a181603a2e0874f5533fcb368878], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\TrayFrame.dll, , [f26999892476af87c9a069293dc4ed13], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Monitor.dll, , [c3985ec45f3bc274d198801224dd728e], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Database.dll, , [2a31cf53c9d1f2442346a7eb24dd20e0], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\LogReport.dll, , [72e999894b4f5ed8de8bd4bec23ff30d], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\BrowserPlugIn.dll, , [0259f131b4e61b1bdf8afc96c938d42c], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Cleaner.dll, , [b6a512109505ff370960850d3cc5eb15], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\SafeProtect.dll, , [99c2081a2a702c0a3336385a837e7d83], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Update.dll, , [71ea67bbc7d354e262073e543fc2fd03], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Web.dll, , [1447e53d1c7eeb4b2742c9c918e94db3], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\SafeNavi.dll, , [411acd550b8fb5814722642e2bd6ba46], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\SafeNavi.dll, , [411acd550b8fb5814722642e2bd6ba46], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\SafeNavi.dll, , [411acd550b8fb5814722642e2bd6ba46], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\AdbWinApi.dll, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\AdbWinUsbApi.dll, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\AndriodServer.dll, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Support.dll, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Support.dll, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Utility.dll, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Utility.dll, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\XSkin.dll, , [6af1f52dd3c71a1c495bd3f6976b13ed], 

Registrierungsschlüssel: 32
PUP.Optional.MorePowerfulCleaner, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MPCProtectService, , [db8058ca4d4d122476f3d6bc58a92ed2], 
PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, , [a9b24bd7d4c658de46d6dabe1de59f61], 
PUP.Optional.Wajam, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, , [64f76db57b1fb482fa22445420e27d83], 
PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, , [4318869c8c0e0234b567425615eda35d], 
PUP.Optional.Youndoo, HKLM\SOFTWARE\CLASSES\CLSID\{6710C780-E20E-4C49-A87D-321850ED3D7C}, , [8ccf3be75c3e71c52f6382ee3bc77090], 
PUP.Optional.Linkury.ACMB1, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CloudPrinter, , [bc9f071b742639fde98d1bda16ed0af6], 
PUP.Optional.ProntSpooler, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ProntSpooler, , [d883e1414d4d68ce9d638d6c3fc4e818], 
PUP.Optional.IDSCProduct, HKLM\SOFTWARE\MICROSOFT\TRACING\idscservice_RASAPI32, , [87d47ea4405a51e596c41ede946fc937], 
PUP.Optional.IDSCProduct, HKLM\SOFTWARE\MICROSOFT\TRACING\idscservice_RASMANCS, , [97c4f929e0ba072f80da32ca29daf10f], 
PUP.Optional.Tuto4PC, HKLM\SOFTWARE\MICROSOFT\TRACING\otutnetwork_RASAPI32, , [fa61fc26a2f8e551e239d12bc93a9868], 
PUP.Optional.Tuto4PC, HKLM\SOFTWARE\MICROSOFT\TRACING\otutnetwork_RASMANCS, , [d88342e07c1ee155db4064989b688e72], 
PUP.Optional.WizzCaster, HKLM\SOFTWARE\MICROSOFT\TRACING\wizzcaster_RASAPI32, , [9bc0b270970386b00da922dcfd06af51], 
PUP.Optional.WizzCaster, HKLM\SOFTWARE\MICROSOFT\TRACING\wizzcaster_RASMANCS, , [e675130f4e4c61d53482ee1030d3718f], 
PUP.Optional.YesSearches, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{31ED907D-68F0-415A-B9D2-8597C8237F1A}, , [c9926fb3e8b2de5842a0e0e9a161eb15], 
PUP.Optional.UPUpdata, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{86DDD67D-EE19-40BD-A8CA-DABAB8E388A3}, , [312a32f05d3db48269fe22a805fd8b75], 
PUP.Optional.UPUpdata, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\tasklist, , [98c38f9312886ec8d593c90159a96f91], 
PUP.Optional.Trotux, HKLM\SOFTWARE\WOW6432NODE\trotuxSoftware, , [a0bb8d95168450e6e14b7c4ee71bf50b], 
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\CloudPrinter_RASAPI32, , [61fa1f037921ea4c14295c9a6b980bf5], 
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\CloudPrinter_RASMANCS, , [b5a6e73b801aad89132a6393887bf50b], 
PUP.Optional.Trotux, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{AC955DA7-5091-4E6D-8330-19D5C2BDBF51}, , [ce8d4bd7fd9d68ce2a008743748ea35d], 
PUP.Optional.MorePowerfulCleaner, HKLM\SOFTWARE\WOW6432NODE\MPC, , [372450d233671422cc27737e15eeae52], 
PUP.Optional.Tuto4PC, HKLM\SOFTWARE\WOW6432NODE\WIN\win_en_77, , [f46766bc009ade58b8072cc49d66d32d], 
PUP.Optional.MorePowerfulCleaner, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MPCKpt, , [de7d9c86fc9e51e52c9f923713ef21df], 
PUP.Optional.ConvertAd.Gen, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\DOWIDOLY, , [90cbaf73b6e480b66bf4876739ca5ba5], 
PUP.Optional.ConvertAd.Gen, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MESUWEBYZBT, , [36258f936337fe38fa6517d761a2c63a], 
PUP.Optional.ConvertAd.Gen, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\RIJUFOZE, , [2b3079a974264fe7431c4ea0fd0625db], 
PUP.Optional.Linkury.ACMB1, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Application Hosting, , [5cffbf638614e84e4ad28c6bb053bb45], 
PUP.Optional.ProntSpooler, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\ProntSpooler, , [ea71ca58fe9ccc6af90801f8d1328b75], 
PUP.Optional.Wizzlabs, HKU\S-1-5-21-1764389191-2749221916-298074052-1001\SOFTWARE\Wizzlabs, , [4e0d2df5c4d638fea9d08578f70ca759], 
PUP.Optional.Komodia, HKU\S-1-5-21-1764389191-2749221916-298074052-1001\SOFTWARE\INSTALLPATH\STATUS, , [0e4d78aacdcdc27486c4945136cd966a], 
PUP.Optional.IDSCProduct, HKU\S-1-5-21-1764389191-2749221916-298074052-1001\SOFTWARE\MICROSOFT\IDSC, , [67f40121693174c2df4e35c6c73c01ff], 
PUP.Optional.SystemHealer, HKU\S-1-5-21-1764389191-2749221916-298074052-1001\SOFTWARE\SYSTEM HEALER, , [fa61e83a841610260a57ac2f5aa9738d], 

Registrierungswerte: 16
PUP.Optional.YesSearches, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{31ED907D-68F0-415A-B9D2-8597C8237F1A}|Path, \Coacuiedclernege Module, , [c9926fb3e8b2de5842a0e0e9a161eb15]
PUP.Optional.UPUpdata, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{86DDD67D-EE19-40BD-A8CA-DABAB8E388A3}|Path, \tasklist, , [312a32f05d3db48269fe22a805fd8b75]
PUP.Optional.Trotux, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{AC955DA7-5091-4E6D-8330-19D5C2BDBF51}|DisplayName, trotux - Uninstall, , [ce8d4bd7fd9d68ce2a008743748ea35d]
PUP.Optional.MorePowerfulCleaner, HKLM\SOFTWARE\WOW6432NODE\MPC|Location, C:\Program Files (x86)\MPC Cleaner, , [372450d233671422cc27737e15eeae52]
PUP.Optional.ConvertAd.Gen, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\dowidoly|ImagePath, C:\Program Files (x86)\1F002AC0-1468102438-0800-5248-BCAEC528E8F5\jnsg5BE4.tmp, , [90cbaf73b6e480b66bf4876739ca5ba5]
PUP.Optional.ConvertAd.Gen, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\mesuwebyzbt|ImagePath, C:\Program Files (x86)\1F002AC0-1468102438-0800-5248-BCAEC528E8F5\knsm450A.tmpfs, , [36258f936337fe38fa6517d761a2c63a]
PUP.Optional.ConvertAd.Gen, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\rijufoze|ImagePath, C:\Program Files (x86)\1F002AC0-1468102438-0800-5248-BCAEC528E8F5\hnsu7114.tmp, , [2b3079a974264fe7431c4ea0fd0625db]
PUP.Optional.Linkury.ACMB1, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CLOUDPRINTER|ImagePath, C:\ProgramData\\CloudPrinter\\CloudPrinter.exe shuz -f "C:\ProgramData\\CloudPrinter\\CloudPrinter.dat" -l -a, , [0f4c978ba2f87abc749c00f7ee1521df]
PUP.Optional.MorePowerfulCleaner, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MPCPROTECTSERVICE|ImagePath, "C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe", , [3229948e633756e0ceff25cd0bf8b050]
PUP.Optional.Komodia, HKU\S-1-5-21-1764389191-2749221916-298074052-1001\SOFTWARE\INSTALLPATH\STATUS|FlowsurfCB, N, , [0e4d78aacdcdc27486c4945136cd966a]
PUP.Optional.IDSCProduct, HKU\S-1-5-21-1764389191-2749221916-298074052-1001\SOFTWARE\MICROSOFT\IDSC|partner, sum, , [67f40121693174c2df4e35c6c73c01ff]
PUP.Optional.SystemHealer, HKU\S-1-5-21-1764389191-2749221916-298074052-1001\SOFTWARE\SYSTEM HEALER|HomePage, hxxp://systemhealer.com/, , [fa61e83a841610260a57ac2f5aa9738d]
PUP.Optional.SystemHealer, HKU\S-1-5-21-1764389191-2749221916-298074052-1001\SOFTWARE\SYSTEM HEALER|CartURL, hxxp://gen2.securedshopgate.com/?b=35&t=1&tid=351002430-DE-263_96B1F2B2-9C63-421B-91F6-9DB8B2A9105F&clb=1, , [e17aa47e88128caac49354aa0cf7f808]
PUP.Optional.SystemHealer, HKU\S-1-5-21-1764389191-2749221916-298074052-1001\SOFTWARE\SYSTEM HEALER|SupportPage, hxxp://systemhealer.com/support/#contact, , [d685170bc2d8af87431ead2e8d76c33d]
PUP.Optional.SystemHealer, HKU\S-1-5-21-1764389191-2749221916-298074052-1001\SOFTWARE\SYSTEM HEALER|CallBanner1, hxxp://callbanner.systemhealer.com/?type=45, , [2e2d41e13a607abc322f994220e31fe1]
PUP.Optional.SystemHealer, HKU\S-1-5-21-1764389191-2749221916-298074052-1001\SOFTWARE\SYSTEM HEALER|CallBanner2, hxxp://callbanner.systemhealer.com/?type=46, , [3f1c63bfc0da9c9ab3aeb52654afdd23]

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 22
PUP.Optional.MorePowerfulCleaner, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC, , [1843fc26930758deca7c66840bf86898], 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\CloudPrinter, , [bc9f071b742639fde98d1bda16ed0af6], 
PUP.Optional.MCorp, C:\Users\eva\AppData\Roaming\MCorp\1147, , [80db051df5a538fed90446b71fe4f50b], 
PUP.Optional.MCorp, C:\Users\eva\AppData\Roaming\MCorp, , [80db051df5a538fed90446b71fe4f50b], 
PUP.Optional.YellowSend, C:\Users\eva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YSPackage, , [e6752cf6d1c991a5cf04922fa260ba46], 
PUP.Optional.IDSCProduct, C:\Program Files (x86)\Max Driver Updater, , [7ddec75b6535e3530329e2e6af531ee2], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Exe, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Config, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Config\DB, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Drivers, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SgIcon, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Microsoft.VC90.CRT, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\Cleaner, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\CrashReport, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\News, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\Tray, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\Uninstall, , [6af1f52dd3c71a1c495bd3f6976b13ed], 

Dateien: 186
PUP.Optional.MorePowerfulCleaner, C:\WINDOWS\SYSTEM32\drivers\MPCKpt.sys, , [b66a551d00e41d5416f4cb5497926238], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, , [5b00df43ebaf93a35b0e157dc04116ea], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe, , [db8058ca4d4d122476f3d6bc58a92ed2], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\WinService.dll, , [be9d2df5e4b65cda5712dbb741c005fb], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\LpcManager.dll, , [43187fa39ffb39fdce9bb4de3cc5db25], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\XProcessBus.dll, , [fa610121bfdb44f2e6835a3823de1fe1], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Report.dll, , [5efd0b17f1a9af879ecb177b6d94a55b], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCTray.exe, , [fb602ef45f3b23139dcc70229968e51b], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\XBus.dll, , [6bf0a181603a2e0874f5533fcb368878], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\TrayFrame.dll, , [f26999892476af87c9a069293dc4ed13], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Monitor.dll, , [c3985ec45f3bc274d198801224dd728e], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Database.dll, , [2a31cf53c9d1f2442346a7eb24dd20e0], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\LogReport.dll, , [72e999894b4f5ed8de8bd4bec23ff30d], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\BrowserPlugIn.dll, , [0259f131b4e61b1bdf8afc96c938d42c], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Cleaner.dll, , [b6a512109505ff370960850d3cc5eb15], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\SafeProtect.dll, , [99c2081a2a702c0a3336385a837e7d83], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Update.dll, , [71ea67bbc7d354e262073e543fc2fd03], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Web.dll, , [1447e53d1c7eeb4b2742c9c918e94db3], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\SafeNavi.dll, , [411acd550b8fb5814722642e2bd6ba46], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCTray64.exe, , [283367bbfb9fbc7a89e0a3ef07fa9f61], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll64.dll, , [f5660b176f2b88aeea7f95fddf22ab55], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MainFrame.dll, , [4714978b6a3073c31158d3bf41c0a65a], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPC.exe, , [0952839feab0d06644250f83e21f9868], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCAutoClean.exe, , [98c31d05dcbe092d6405078b41c041bf], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCNews.exe, , [72e99c86d1c981b572f7355d778af60a], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCSecurity.exe, , [28330022752534024920b5ddaf52fa06], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCSetting.exe, , [9fbc6cb6871366d01950d9b950b13ac6], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\SafeNavi64.dll, , [7edded35d6c43afcf4758a08ab5604fc], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\SetupFrame.dll, , [6cef061cbae01b1b5f0af9993dc48080], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Uninstall.exe, , [f66568ba82181c1abdac6e241ce57e82], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\UninstallFrame.dll, , [97c452d08b0f201696d3cec4d52c2dd3], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\UninstDelete.exe, , [78e3db47c5d556e023461181956c6b95], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\UpdateHost.exe, , [1b402af8fe9c6dc95712246ece33629e], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Upgrade.dll, , [6eed170bfc9e6dc96603a2f04cb5bd43], 
PUP.Optional.Tuto4PC, C:\Program Files (x86)\mpck\uninstaller.exe, , [65f680a25e3c41f5bca207a2b153a060], 
PUP.Optional.Tuto4PC, C:\Program Files (x86)\Max Driver Updater\uninstaller.exe, , [e378f72bacee93a31d4125843cc854ac], 
PUP.Optional.MorePowerfulCleaner, C:\Windows\Temp\1h3d4fwy.exe, , [d48732f03f5b93a32aa84a4ca4604fb1], 
PUP.Optional.MorePowerfulCleaner, C:\Windows\Temp\hhogf3wf.exe, , [fd5e0a18980237ff23afb0e6ca3a15eb], 
PUP.Optional.YesSearches, C:\Windows\System32\Tasks\Coacuiedclernege Module, , [3724e53d19816acc5b859534907237c9], 
PUP.Optional.UPUpdata, C:\Windows\System32\Tasks\tasklist, , [73e8bf632278063082e35a70f111bf41], 
PUP.Optional.MorePowerfulCleaner, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC\MPC Cleaner.lnk, , [1843fc26930758deca7c66840bf86898], 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\CloudPrinter\CloudPrinter.dat, , [bc9f071b742639fde98d1bda16ed0af6], 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\CloudPrinter\CloudPrinter.exe, , [bc9f071b742639fde98d1bda16ed0af6], 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\CloudPrinter\Config.xml, , [bc9f071b742639fde98d1bda16ed0af6], 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\CloudPrinter\Jackson.exe, , [bc9f071b742639fde98d1bda16ed0af6], 
PUP.Optional.ProntSpooler, C:\Users\eva\AppData\Local\Apps\2.0\abril.exe, , [d883e1414d4d68ce9d638d6c3fc4e818], 
PUP.Optional.ProntSpooler, C:\Users\eva\AppData\Local\Apps\2.0\abril.InstallLog, , [1b403de5d4c6dc5ad52b8277768df808], 
PUP.Optional.ProntSpooler, C:\Users\eva\AppData\Local\Apps\2.0\abril.InstallState, , [6eedbd659901af87a65a01f8699a55ab], 
PUP.Optional.MCorp, C:\Users\eva\AppData\Roaming\MCorp\1147\udpx, , [80db051df5a538fed90446b71fe4f50b], 
PUP.Optional.YellowSend, C:\Users\eva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YSPackage\Configure.lnk, , [e6752cf6d1c991a5cf04922fa260ba46], 
PUP.Optional.IDSCProduct, C:\Program Files (x86)\Max Driver Updater\config.conf, , [7ddec75b6535e3530329e2e6af531ee2], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\snh.dll, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\AdbWinApi.dll, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\AdbWinUsbApi.dll, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\AdcManager.dll, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\AndriodServer.dll, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\CeBase.dll, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\CrashReport.exe, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\dbgkpt.dll, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Microsoft.VC90.CRT.manifest, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\msvcm90.dll, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\msvcp90.dll, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\msvcr90.dll, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\nmlct, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Support.dll, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\symsrv.dll, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\symsrv.yes, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Utility.dll, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\wfhxte.dat, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\xadb.exe, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\XSkin.dll, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Exe\ADC_qd00000.exe, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Config\Clean.xf, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Config\PlugIn.xf, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Config\DB\as.db, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Config\DB\cf.db, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Config\DB\run.db, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Config\DB\st.db, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Drivers\MPCBase_32.sys, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Drivers\MPCKpt.inf, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Drivers\MPCKpt.sys, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Drivers\MPCKpt_vista_32.sys, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Drivers\MPCKpt_vista_64.sys, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Drivers\MPCKpt_xp_32.sys, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q2.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\ad_gray.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\ad_green.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\ad_org.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\ad_red.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g1.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g10.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g11.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g12.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g2.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g3.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g4.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g5.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g6.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g7.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g8.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g9.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q1.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q10.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q11.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q12.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q3.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q4.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q5.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q6.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q7.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q8.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q9.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r1.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r10.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r11.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r12.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r2.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r3.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r4.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r5.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r6.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r7.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r8.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r9.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\sys_gray.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\sys_green.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\sys_org.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\sys_red.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y1.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y10.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y11.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y12.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y2.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y3.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y4.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y5.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y6.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y7.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y8.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y9.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{08DA4B46-E0EB-4B4D-8C8B-558C967AF6C5}.ico, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{22A8D5A3-F368-4C6B-BF4D-3C901EBCF242}.ico, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{3F9A707D-2C36-4344-8621-B8E4ADC95C18}.ico, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{ADC520A9-B4B3-791E-B149-845C11673CB0}.ico, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{CDA529A9-B1B3-793E-B449-845C11673CB5}.ico, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{D8EC46AF-529F-4636-963B-C086429C73DA}.ico, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{DE37CD8C-DE7B-481F-A676-303ABAFBEE04}.ico, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{EDA029A1-B5BA-793E-B649-875C18673CC5}.ico, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{F154C596-75A9-4028-90E8-9752BD7CA05B}.ico, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{FDA029A2-A5BA-797E-B689-875E18673FC2}.ico, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\toasts_waring.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SgIcon\adcapp.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SgIcon\adcweb.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SgIcon\block.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SgIcon\home.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SgIcon\ie.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SgIcon\search.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\AR_green.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\AR_org.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\AR_red.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\Bp_green.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\Bp_org.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\Bp_red.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\SpeedUp_green.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\SpeedUp_org.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\SpeedUp_red.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\SVC_green.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\SVC_org.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\SVC_red.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\TSK_green.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\TSK_org.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\TSK_red.png, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Microsoft.VC90.CRT\msvcm90.dll, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Microsoft.VC90.CRT\msvcp90.dll, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Microsoft.VC90.CRT\msvcr90.dll, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\Cleaner\Lang.xf, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\Cleaner\Skin.xf, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\CrashReport\Lang.xf, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\CrashReport\Skin.xf, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\News\Lang.xf, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\News\Skin.xf, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\Tray\Lang.xf, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\Tray\Skin.xf, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\Uninstall\Lang.xf, , [6af1f52dd3c71a1c495bd3f6976b13ed], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\Uninstall\Skin.xf, , [6af1f52dd3c71a1c495bd3f6976b13ed], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
schon mal normales Starten von Chrome. bin schon mal begeistert.

AdwCleaner log
AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v5.201 - Bericht erstellt am 10/07/2016 um 15:08:32
# Aktualisiert am 30/06/2016 von ToolsLib
# Datenbank : 2016-07-10.1 [Server]
# Betriebssystem : Windows 10 Pro  (X64)
# Benutzername : eva - EVASCOMPUTER
# Gestartet von : C:\Users\eva\Desktop\AdwCleaner_5.201.exe
# Option : Löschen
# Unterstützung : https://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner gelöscht : C:\Users\eva\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk
[-] Ordner gelöscht : C:\Users\eva\AppData\Local\app

***** [ Dateien ] *****

[-] Datei gelöscht : C:\Users\eva\AppData\Roaming\fastboot.exe
[-] Datei gelöscht : C:\Users\eva\AppData\Roaming\adb.exe
[-] Datei gelöscht : C:\Users\eva\Desktop\AutoTime.lnk

***** [ DLLs ] *****


***** [ WMI ] *****

[-] Schlüssel gelöscht : \root\subscription\\ActiveScriptEventConsumer [ASEC]

***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\s
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Schlüssel gelöscht : HKCU\Software\MICROSOFT\OTUT
[-] Schlüssel gelöscht : HKCU\Software\AutoTime
[-] Schlüssel gelöscht : HKCU\Software\KuaiZip
[-] Schlüssel gelöscht : HKLM\SOFTWARE\WIN
[-] Schlüssel gelöscht : HKLM\SOFTWARE\{E6276374-DE18-4AA5-A365-9016A2F98A2D}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{78FFF2DE-FA9A-2A05-374D-D8B8B16A79A3}
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\mpc.am
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\search.mpc.am
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\yeabests.cc
[-] Wert gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [msiql]
[#] Wert gelöscht : HKU\S-1-5-21-1764389191-2749221916-298074052-1001\Software\Microsoft\Windows\CurrentVersion\Run [msiql]
[-] Wert gelöscht : HKU\S-1-5-21-1764389191-2749221916-298074052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [msiql]
[-] Wert gelöscht : HKU\S-1-5-21-1764389191-2749221916-298074052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Caster]
[-] Wert gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [QGuan10in1]
[#] Wert gelöscht : HKU\S-1-5-21-1764389191-2749221916-298074052-1001\Software\Microsoft\Windows\CurrentVersion\Run [QGuan10in1]
[-] Wert gelöscht : HKU\S-1-5-21-1764389191-2749221916-298074052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [QGuan10in1]
[-] Wert gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [EYAN]
[-] Wert gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [EYAN]

***** [ Internetbrowser ] *****


*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [3679 Bytes] - [10/07/2016 15:08:32]
C:\AdwCleaner\AdwCleaner[S1].txt - [3729 Bytes] - [10/07/2016 15:05:47]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [3825 Bytes] ##########
         
--- --- ---

[/CODE]

der JRT.txt

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 10 Pro x64 
Ran by eva (Administrator) on 10.07.2016 at 15:22:10,60
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0 




Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10.07.2016 at 15:23:07,00
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
__________________

Alt 10.07.2016, 14:31   #4
quincycato
 
MPC Cleaner läßt sich nicht deinstallieren + Browser Umleitungen - windows 10 - Standard

MPC Cleaner läßt sich nicht deinstallieren + Browser Umleitungen - windows 10



2ter Durchlauf FRST:
FRST.txt

FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 09-07-2016
durchgeführt von eva (Administrator) auf EVASCOMPUTER (10-07-2016 15:27:35)
Gestartet von C:\Users\eva\Desktop
Geladene Profile: eva (Verfügbare Profile: eva)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Windows\SysWOW64\ASGT.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-05-05] (Adobe Systems Incorporated)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2380480 2016-06-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1867448 2016-05-27] (Adobe Systems Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe [30264 2009-08-04] (Hewlett-Packard Company)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\Run: [AVMUSBFernanschluss] => C:\Users\eva\AppData\Local\Apps\2.0\62J1R0O9.AQA\R005Z9K4.V1V\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\AVMAutoStart.exe [139264 2016-03-03] (AVM Berlin)
HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [882872 2016-05-27] (Adobe Systems Incorporated)
HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\Run: [HP Deskjet 3520 series (NET)] => C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\Run: [TomTom MySports Connect.exe] => C:\Program Files (x86)\TomTom\MySportsConnect\TomTom MySports Connect.exe [3834368 2016-06-20] (TomTom)
HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2016-04-22] (Apple Inc.)
HKU\S-1-5-18\...\RunOnce: [Application Restart #3] => C:\Program Files (x86)\ASUS\GPU TweakII\Monitor.exe [2640336 2015-08-27] (TODO: <Company name>)
HKU\S-1-5-18\...\RunOnce: [Application Restart #4] => C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe [5602768 2015-09-01] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VR-NetWorld Auftragsprüfung.lnk [2016-07-10]
ShortcutTarget: VR-NetWorld Auftragsprüfung.lnk -> C:\Windows\Installer\{084798D2-33EF-42CC-A925-970AF222898B}\NewShortcut1_5A2CAB8514594533A6B50E3D23448BE1.exe (Flexera Software LLC)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{c6ef35ba-7431-4f1d-936d-26820bb64337}: [DhcpNameServer] 192.168.178.1
ManualProxies: 

Internet Explorer:
==================
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-24] (Google Inc.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-26] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-24] (Google Inc.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-26] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-24] (Google Inc.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-24] (Google Inc.)

FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-06-08] (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-26] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-06-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-06-03] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-06-08] (Adobe Systems)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat DC - Create PDF - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2016-02-28]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-03-31] [ist nicht signiert]

Chrome: 
=======
CHR HomePage: gequlywefegeretaward -> hxxp://google.com/
CHR StartupUrls: gequlywefegeretaward -> "hxxp://www.trotux.com/?z=e6ee2bfd84aa90be2b4ef20g7zbq2bcg0eeo5qbe4o&from=ftp&uid=C300-CTFDDAC128MAG_000000001106030289DD&type=hp","hxxps://www.google.com/"
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [737984 2016-06-03] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [48640 2015-08-18] () [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-05-02] (NVIDIA Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21184 2016-03-29] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-05-02] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-05-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [137216 2016-03-29] (Microsoft Corporation) [Datei ist nicht signiert]
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36504 2015-06-22] (VIA Technologies, Inc.)
S3 VSStandardCollectorService140; F:\programmie\VisualStudio\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [56552 2016-03-22] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
S2 CoacuiedclernegeModulejedeentsherwusy.exe; "C:\Program Files (x86)\Stabily\CoacuiedclernegeModulejedeentsherwusy.exe" {C25DA384-2010-45A4-A1ED-BFA540D4789B} {9DC74CD5-24EA-4ADE-9C42-608A8CE17116} [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [23240 2016-02-26] (Advanced Micro Devices, Inc.)
R3 avmaura; C:\Windows\System32\drivers\avmaura.sys [116480 2016-03-03] (AVM Berlin)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-07-10] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-09-26] (Marvell Semiconductor, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-02] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation)
R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [119712 2016-06-28] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [192864 2016-06-28] (Oracle Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-07-10 15:23 - 2016-07-10 15:23 - 00000544 _____ C:\Users\eva\Desktop\JRT.txt
2016-07-10 15:17 - 2016-07-10 15:21 - 01610560 _____ (Malwarebytes) C:\Users\eva\Desktop\JRT.exe
2016-07-10 15:05 - 2016-07-10 15:08 - 00000000 ____D C:\AdwCleaner
2016-07-10 15:03 - 2016-07-10 15:04 - 03712064 _____ C:\Users\eva\Desktop\AdwCleaner_5.201.exe
2016-07-10 14:57 - 2016-07-10 14:57 - 00000000 ___HD C:\OneDriveTemp
2016-07-10 14:53 - 2016-07-10 14:53 - 00041646 _____ C:\Users\eva\Desktop\mbamlog.txt
2016-07-10 14:30 - 2016-07-10 14:30 - 00000000 ____D C:\Users\eva\AppData\Local\Tempzxpsign1ae75b3e9a0f7763
2016-07-10 14:15 - 2016-07-10 15:10 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-07-10 14:15 - 2016-07-10 15:06 - 00001171 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-07-10 14:15 - 2016-07-10 14:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-07-10 14:15 - 2016-07-10 14:15 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-07-10 14:15 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-07-10 14:15 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-07-10 14:15 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-07-10 14:03 - 2016-07-10 14:03 - 00134886 _____ C:\Users\eva\Desktop\troj-board-derganzepost-zulang.txt
2016-07-10 14:02 - 2016-07-10 14:02 - 00068043 _____ C:\Users\eva\Desktop\dasAdditionlog.txt
2016-07-10 13:12 - 2016-07-10 13:31 - 00009892 _____ C:\Users\eva\Desktop\MPC-SIG-Stub-log-aus-dem-win_tmp.txt
2016-07-10 13:10 - 2016-07-10 13:10 - 00004238 _____ C:\Users\eva\Desktop\MPC-log-aus-dem-win_tmp.txt
2016-07-10 12:47 - 2016-07-10 12:49 - 00060690 _____ C:\Users\eva\Desktop\Addition.txt
2016-07-10 12:40 - 2016-07-10 15:27 - 00017639 _____ C:\Users\eva\Desktop\FRST.txt
2016-07-10 12:39 - 2016-07-10 12:39 - 00066249 _____ C:\Users\eva\Downloads\FRST.txt
2016-07-10 12:38 - 2016-07-10 12:38 - 02390016 _____ (Farbar) C:\Users\eva\Desktop\FRST64.exe
2016-07-10 04:41 - 2016-07-10 04:41 - 00000244 _____ C:\Users\eva\vercolystecuyConfiguration.dll
2016-07-10 04:06 - 2016-07-10 04:06 - 00388608 _____ (Trend Micro Inc.) C:\Users\eva\Downloads\HijackThis.exe
2016-07-10 03:31 - 2016-07-10 03:38 - 00061356 _____ C:\Users\eva\Downloads\Addition.txt
2016-07-10 03:24 - 2016-07-10 15:27 - 00000000 ____D C:\FRST
2016-07-10 03:22 - 2016-07-10 03:22 - 01740288 _____ (Farbar) C:\Users\eva\Downloads\FRST.exe
2016-07-10 03:12 - 2016-07-10 03:12 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-07-10 03:10 - 2016-07-10 03:11 - 22851472 _____ (Malwarebytes ) C:\Users\eva\Downloads\mbam-setup-2.2.1.1043.exe
2016-07-10 01:43 - 2016-07-10 01:43 - 00000000 ____D C:\$SysReset
2016-07-10 01:04 - 2016-07-10 01:04 - 00003258 _____ C:\Windows\System32\Tasks\{FBAB2A37-92E4-40C1-BE7F-FE68411ACADE}
2016-07-10 00:59 - 2016-07-10 00:59 - 00250912 _____ C:\Windows\SysWOW64\kz.exe
2016-07-10 00:20 - 2016-07-10 00:20 - 00000000 ____D C:\Program Files (x86)\Maxthon
2016-07-10 00:19 - 2016-07-10 00:19 - 00092872 _____ (WinMount International Inc) C:\Windows\system32\Drivers\KuaiZipDrive.sys
2016-07-10 00:18 - 2016-07-10 01:02 - 00000000 ____D C:\Program Files (x86)\GreatMaker
2016-07-10 00:17 - 2016-07-10 01:00 - 00000000 ____D C:\Windows\system32\SSL
2016-07-10 00:16 - 2016-07-10 14:52 - 00000000 ____D C:\Program Files (x86)\mpck
2016-07-10 00:16 - 2016-07-10 14:17 - 00000000 ____D C:\Program Files (x86)\Stabily
2016-07-10 00:16 - 2016-07-10 00:17 - 00000000 ____D C:\Users\eva\AppData\Local\prevuchnirolyghucult
2016-07-10 00:14 - 2016-07-10 00:12 - 00001691 _____ C:\Windows\system32\Drivers\etc\hp.bak
2016-07-09 16:27 - 2016-07-09 16:27 - 00000000 ____D C:\Users\eva\AppData\Local\Tempzxpsign8a9e4e73cc81320e
2016-07-09 16:19 - 2016-07-09 16:19 - 00000000 ____D C:\Users\eva\AppData\Local\Tempzxpsigna541fe704658e6d0
2016-07-09 10:51 - 2016-07-09 10:51 - 00000000 ____D C:\Users\eva\AppData\Local\Tempzxpsign8950d5c0eb41d0d4
2016-07-08 12:44 - 2016-07-08 12:44 - 00000000 ____D C:\Users\eva\AppData\Local\Tempzxpsign1c21974cc5323cbe
2016-07-07 21:17 - 2016-07-07 21:17 - 00000000 ____D C:\Users\eva\AppData\Local\Tempzxpsign6a42175d11ce9983
2016-07-07 12:52 - 2016-07-07 12:52 - 00000036 _____ C:\Users\eva\Desktop\altephp5.6versionausdemPath.txt
2016-07-07 12:46 - 2016-07-07 12:47 - 06737632 _____ (Advanced Micro Devices) C:\Users\eva\Downloads\amd1560cleanuputility.exe
2016-07-07 11:33 - 2016-07-07 11:33 - 21953914 _____ C:\Users\eva\Downloads\php-7.0.8-nts-Win32-VC14-x86.zip
2016-07-06 11:40 - 2016-07-06 11:40 - 00000000 ____D C:\Users\eva\AppData\Local\Tempzxpsign5f71f104bbf2dddb
2016-07-05 18:31 - 2016-07-05 18:31 - 00000000 ____D C:\Users\eva\AppData\Local\Tempzxpsignee2538f887103dab
2016-07-05 18:29 - 2016-07-05 18:29 - 00000967 _____ C:\Users\eva\Desktop\NLP-8-9.Okt-ExplorersKompakt-gewonnen.txt
2016-07-02 00:57 - 2016-07-02 00:57 - 00002133 _____ C:\Users\eva\Desktop\GEDOK-Anforderungen-2.txt
2016-07-01 14:19 - 2016-07-01 20:19 - 00004323 _____ C:\Users\eva\Desktop\gedok-feeds.txt
2016-07-01 14:07 - 2016-07-01 14:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2016-07-01 14:03 - 2016-07-01 14:05 - 113455072 _____ (Oracle Corporation) C:\Users\eva\Downloads\VirtualBox-5.0.24-108355-Win.exe
2016-07-01 13:53 - 2016-07-01 13:54 - 173203674 _____ C:\Users\eva\Downloads\vagrant_1.8.4.msi
2016-07-01 10:45 - 2016-07-01 10:45 - 00000000 ____D C:\Users\eva\AppData\Local\Tempzxpsignb8caf8409a2d90a0
2016-07-01 00:34 - 2016-07-01 00:34 - 00000000 ____D C:\Users\eva\AppData\Local\Tempzxpsigndbc3b84bd60caed9
2016-06-30 20:25 - 2016-06-30 20:25 - 00000000 ____D C:\Users\eva\AppData\Local\Tempzxpsignf9b78ff7098949f6
2016-06-30 11:18 - 2016-06-30 11:19 - 00000000 ____D C:\Users\eva\Documents\Kurse
2016-06-30 10:06 - 2016-06-30 10:06 - 00028160 _____ C:\Users\eva\Documents\vr-export-wegleitner.xls
2016-06-29 14:31 - 2016-06-29 14:31 - 00002165 _____ C:\Users\eva\Desktop\GEDOK-Anforderungen.txt
2016-06-29 13:48 - 2016-06-29 13:48 - 06569088 _____ (Tim Kosse) C:\Users\eva\Downloads\FileZilla_3.19.0_win64-setup.exe
2016-06-29 12:31 - 2016-07-08 22:07 - 00000000 ____D C:\Users\eva\Documents\GEDOK
2016-06-28 17:21 - 2016-06-28 17:21 - 00192864 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetLwf.sys
2016-06-28 17:21 - 2016-06-28 17:21 - 00119712 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp6.sys
2016-06-28 03:12 - 2016-06-28 03:12 - 00314434 ____N C:\Users\eva\AppData\Roaming\EYapp.apk
2016-06-25 14:37 - 2015-09-01 15:11 - 00049152 _____ () C:\Windows\SysWOW64\LGErrorHandler.dll
2016-06-25 14:35 - 2016-06-25 14:36 - 15210348 _____ C:\Users\eva\Downloads\ScreenSplit_6.55.zip
2016-06-25 14:28 - 2016-07-10 15:06 - 00002358 _____ C:\Users\Public\Desktop\Screen Split.lnk
2016-06-25 14:28 - 2016-06-25 14:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screen Split
2016-06-25 14:28 - 2016-06-25 14:28 - 00000000 ____D C:\Program Files (x86)\LG Electronics
2016-06-25 14:28 - 2015-09-01 15:12 - 00131072 _____ (LG Soft India) C:\Windows\SysWOW64\LGMonitorDDCCISDK.dll
2016-06-25 14:28 - 2015-09-01 15:11 - 00102400 _____ (LG Soft India) C:\Windows\SysWOW64\LGProtocolEngine.dll
2016-06-25 14:28 - 2015-04-13 15:07 - 00019968 _____ C:\Windows\SysWOW64\LGPII2CDriver.sys
2016-06-25 14:28 - 2015-04-13 15:07 - 00016384 _____ (LG Soft India) C:\Windows\SysWOW64\LGI2CDriver.sys
2016-06-25 14:28 - 2014-09-04 09:16 - 00196608 _____ (LG Soft India) C:\Windows\SysWOW64\LGDeviceManager.dll
2016-06-25 13:05 - 2016-06-25 13:05 - 00000000 ____D C:\Users\eva\AppData\Local\Tempzxpsign01746f0fa8ee59c5
2016-06-24 21:26 - 2016-06-24 21:35 - 00002928 _____ C:\Users\eva\Desktop\gedok-web-ssl-undnewsletter-umbau.txt
2016-06-24 20:08 - 2016-06-24 20:08 - 00002215 _____ C:\Users\eva\Desktop\windows-mobile-email-einrichtungs-anleitung-STRATO.txt
2016-06-24 17:17 - 2016-06-24 17:17 - 00023739 _____ C:\Users\eva\Downloads\2016-06-23_RE14669838.pdf
2016-06-24 17:17 - 2016-06-24 17:17 - 00023739 _____ C:\Users\eva\Downloads\2016-06-23_RE14669838 (2).pdf
2016-06-24 17:17 - 2016-06-24 17:17 - 00023739 _____ C:\Users\eva\Downloads\2016-06-23_RE14669838 (1).pdf
2016-06-24 16:49 - 2016-06-24 16:49 - 00002798 _____ C:\Users\eva\Desktop\confirmation.htm
2016-06-23 20:27 - 2016-06-23 20:27 - 00000000 ____D C:\Users\eva\AppData\Local\Tempzxpsignae6485b61ced49ea
2016-06-23 20:09 - 2016-06-23 20:09 - 00003584 _____ C:\Users\eva\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-06-23 11:19 - 2016-06-23 11:19 - 00000000 ____D C:\Users\eva\AppData\Local\Tempzxpsign0df7904a16630f04
2016-06-23 11:09 - 2016-06-23 11:09 - 00000129 _____ C:\Users\eva\Desktop\gedok-katalog-text.txt
2016-06-23 10:32 - 2016-06-23 10:32 - 00000000 ____D C:\Users\eva\AppData\Local\Tempzxpsign582920eb00311580
2016-06-23 10:31 - 2016-06-23 10:31 - 00000000 ____D C:\Users\eva\AppData\Local\Tempzxpsign8d0fa2eb8b61a7e1
2016-06-23 00:54 - 2016-06-23 00:54 - 00000000 ____D C:\Users\eva\AppData\Local\Tempzxpsignf5ea9e767ae33722
2016-06-23 00:45 - 2016-06-23 00:45 - 00000000 ____D C:\Users\eva\AppData\Local\Tempzxpsign438b3f56308d5497
2016-06-21 18:23 - 2016-06-21 18:23 - 00000000 ____D C:\Users\eva\AppData\Local\Tempzxpsign8860303c7daecd4b
2016-06-21 16:24 - 2016-06-21 16:24 - 00000000 ____D C:\Users\eva\AppData\Local\Tempzxpsignd93e8371ef8ab2e9
2016-06-21 16:15 - 2016-07-10 15:06 - 00001229 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CC 2015.3.lnk
2016-06-21 16:08 - 2016-07-10 15:06 - 00001217 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2015.3.lnk
2016-06-21 15:58 - 2016-06-21 15:58 - 00000000 ____D C:\Users\eva\Desktop\Painting and Classic Frames
2016-06-21 15:58 - 2016-06-21 15:58 - 00000000 ____D C:\Users\eva\AppData\Local\Tempzxpsigna70787bf51d8cad6
2016-06-21 15:58 - 2016-06-21 15:58 - 00000000 ____D C:\Users\eva\AppData\Local\Tempzxpsign89f793554ebdaeec
2016-06-21 15:58 - 2016-06-21 15:58 - 00000000 ____D C:\Users\eva\AppData\Local\Tempzxpsign2ba66e15e957dc26
2016-06-21 15:54 - 2016-07-10 15:06 - 00001151 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.5.lnk
2016-06-21 01:29 - 2016-06-21 01:29 - 00052301 _____ C:\Users\eva\Desktop\DHLReturnLabel.pdf
2016-06-21 01:27 - 2016-06-21 01:27 - 00048159 _____ C:\Users\eva\Desktop\DHL_Collection_Details_de.pdf
2016-06-21 01:21 - 2016-06-21 01:21 - 00040845 _____ C:\Users\eva\Desktop\basisband-Eva Wehdemeyer-ENR0105493.pdf
2016-06-21 01:20 - 2016-06-21 01:20 - 00037547 _____ C:\Users\eva\Downloads\Eva Wehdemeyer-ENR0105493.pdf
2016-06-18 17:22 - 2016-06-18 17:22 - 06140101 _____ C:\Users\eva\Downloads\dict-en.oxt
2016-06-18 17:19 - 2016-06-18 17:19 - 00023300 _____ C:\Users\eva\Downloads\OutlookContacts.csv
2016-06-18 17:19 - 2016-06-18 17:19 - 00023300 _____ C:\Users\eva\Downloads\OutlookContacts (1).csv
2016-06-18 17:05 - 2016-06-18 17:05 - 00042768 _____ C:\Users\eva\Downloads\google.csv
2016-06-14 20:09 - 2016-05-28 06:57 - 01594416 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-06-14 20:09 - 2016-05-28 06:57 - 01372312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-06-14 20:09 - 2016-05-28 06:29 - 22379008 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-06-14 20:09 - 2016-05-28 06:29 - 00045568 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-06-14 20:09 - 2016-05-28 06:27 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosHostClient.dll
2016-06-14 20:09 - 2016-05-28 06:22 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapsBtSvc.dll
2016-06-14 20:09 - 2016-05-28 06:22 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosStorage.dll
2016-06-14 20:09 - 2016-05-28 06:19 - 24605696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-06-14 20:09 - 2016-05-28 06:18 - 07977472 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2016-06-14 20:09 - 2016-05-28 06:18 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2016-06-14 20:09 - 2016-05-28 06:17 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\MessagingDataModel2.dll
2016-06-14 20:09 - 2016-05-28 06:15 - 01056256 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2016-06-14 20:09 - 2016-05-28 06:15 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2016-06-14 20:09 - 2016-05-28 06:15 - 00349696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2016-06-14 20:09 - 2016-05-28 06:14 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\NMAA.dll
2016-06-14 20:09 - 2016-05-28 06:14 - 00606208 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-06-14 20:09 - 2016-05-28 06:14 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MessagingDataModel2.dll
2016-06-14 20:09 - 2016-05-28 06:13 - 00939520 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2016-06-14 20:09 - 2016-05-28 06:12 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2016-06-14 20:09 - 2016-05-28 06:11 - 00784896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NMAA.dll
2016-06-14 20:09 - 2016-05-28 06:11 - 00711680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll
2016-06-14 20:09 - 2016-05-28 06:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-06-14 20:09 - 2016-05-28 06:08 - 06295552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2016-06-14 20:09 - 2016-05-28 06:06 - 07200256 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2016-06-14 20:09 - 2016-05-28 06:03 - 05205504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2016-06-14 20:09 - 2016-05-28 06:00 - 01707520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActiveSyncProvider.dll
2016-06-14 20:09 - 2016-05-28 05:58 - 01996288 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncProvider.dll
2016-06-14 20:08 - 2016-05-28 08:13 - 01401024 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-06-14 20:08 - 2016-05-28 08:13 - 01184960 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-06-14 20:08 - 2016-05-28 08:13 - 00514752 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-06-14 20:08 - 2016-05-28 08:13 - 00290496 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-06-14 20:08 - 2016-05-28 08:13 - 00092352 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-06-14 20:08 - 2016-05-28 08:13 - 00046784 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-06-14 20:08 - 2016-05-28 07:25 - 04268880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2016-06-14 20:08 - 2016-05-28 07:23 - 00388384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-06-14 20:08 - 2016-05-28 07:23 - 00312160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-06-14 20:08 - 2016-05-28 07:22 - 07474528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-06-14 20:08 - 2016-05-28 07:22 - 04387680 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2016-06-14 20:08 - 2016-05-28 07:22 - 00428896 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2016-06-14 20:08 - 2016-05-28 07:22 - 00211296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2016-06-14 20:08 - 2016-05-28 07:22 - 00118624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2016-06-14 20:08 - 2016-05-28 07:20 - 00430312 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-06-14 20:08 - 2016-05-28 07:18 - 00357216 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-06-14 20:08 - 2016-05-28 07:16 - 00026408 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-06-14 20:08 - 2016-05-28 07:09 - 00501600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2016-06-14 20:08 - 2016-05-28 07:09 - 00170848 _____ (Microsoft Corporation) C:\Windows\system32\NetworkUXBroker.exe
2016-06-14 20:08 - 2016-05-28 07:09 - 00084832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupApi.dll
2016-06-14 20:08 - 2016-05-28 07:08 - 00693600 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2016-06-14 20:08 - 2016-05-28 07:08 - 00258912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ufx01000.sys
2016-06-14 20:08 - 2016-05-28 07:08 - 00115040 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupApi.dll
2016-06-14 20:08 - 2016-05-28 07:07 - 03675512 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-06-14 20:08 - 2016-05-28 07:07 - 02921880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-06-14 20:08 - 2016-05-28 07:07 - 01322248 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-06-14 20:08 - 2016-05-28 07:07 - 00957608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-06-14 20:08 - 2016-05-28 07:07 - 00808288 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2016-06-14 20:08 - 2016-05-28 07:07 - 00703840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2016-06-14 20:08 - 2016-05-28 07:07 - 00331616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2016-06-14 20:08 - 2016-05-28 07:06 - 22561256 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-06-14 20:08 - 2016-05-28 07:06 - 04074160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-06-14 20:08 - 2016-05-28 07:06 - 00730344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2016-06-14 20:08 - 2016-05-28 07:06 - 00303216 _____ (Microsoft Corporation) C:\Windows\system32\LockAppHost.exe
2016-06-14 20:08 - 2016-05-28 07:06 - 00254656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppHost.exe
2016-06-14 20:08 - 2016-05-28 07:05 - 04515264 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-06-14 20:08 - 2016-05-28 07:04 - 00604928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-06-14 20:08 - 2016-05-28 07:04 - 00431296 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-06-14 20:08 - 2016-05-28 07:04 - 00360480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-06-14 20:08 - 2016-05-28 07:04 - 00161632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-06-14 20:08 - 2016-05-28 07:04 - 00111064 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2016-06-14 20:08 - 2016-05-28 07:04 - 00097096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2016-06-14 20:08 - 2016-05-28 07:03 - 00131248 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-06-14 20:08 - 2016-05-28 06:58 - 01996640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-06-14 20:08 - 2016-05-28 06:58 - 00379232 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-06-14 20:08 - 2016-05-28 06:57 - 02548944 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-06-14 20:08 - 2016-05-28 06:57 - 02195632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-06-14 20:08 - 2016-05-28 06:57 - 00649792 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2016-06-14 20:08 - 2016-05-28 06:57 - 00636304 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2016-06-14 20:08 - 2016-05-28 06:57 - 00577376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2016-06-14 20:08 - 2016-05-28 06:57 - 00546456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2016-06-14 20:08 - 2016-05-28 06:57 - 00521664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2016-06-14 20:08 - 2016-05-28 06:57 - 00316256 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-06-14 20:08 - 2016-05-28 06:35 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\tdlrecover.exe
2016-06-14 20:08 - 2016-05-28 06:35 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\MapsCSP.dll
2016-06-14 20:08 - 2016-05-28 06:35 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsdport.sys
2016-06-14 20:08 - 2016-05-28 06:31 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdlrecover.exe
2016-06-14 20:08 - 2016-05-28 06:31 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-06-14 20:08 - 2016-05-28 06:31 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\MosHostClient.dll
2016-06-14 20:08 - 2016-05-28 06:29 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\VSD3DWARP12Debug.dll
2016-06-14 20:08 - 2016-05-28 06:29 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2016-06-14 20:08 - 2016-05-28 06:29 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\httpprxp.dll
2016-06-14 20:08 - 2016-05-28 06:28 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2016-06-14 20:08 - 2016-05-28 06:28 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-06-14 20:08 - 2016-05-28 06:28 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-06-14 20:08 - 2016-05-28 06:27 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\mapsupdatetask.dll
2016-06-14 20:08 - 2016-05-28 06:26 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2016-06-14 20:08 - 2016-05-28 06:26 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\dmcertinst.exe
2016-06-14 20:08 - 2016-05-28 06:26 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe
2016-06-14 20:08 - 2016-05-28 06:26 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\MapsBtSvc.dll
2016-06-14 20:08 - 2016-05-28 06:26 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\MosStorage.dll
2016-06-14 20:08 - 2016-05-28 06:25 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\VSD3DWARPDebug.dll
2016-06-14 20:08 - 2016-05-28 06:25 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VSD3DWARP12Debug.dll
2016-06-14 20:08 - 2016-05-28 06:25 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.dll
2016-06-14 20:08 - 2016-05-28 06:25 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-06-14 20:08 - 2016-05-28 06:24 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-06-14 20:08 - 2016-05-28 06:24 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Ndu.sys
2016-06-14 20:08 - 2016-05-28 06:24 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-06-14 20:08 - 2016-05-28 06:24 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2016-06-14 20:08 - 2016-05-28 06:24 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\AppCapture.dll
2016-06-14 20:08 - 2016-05-28 06:24 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\moshost.dll
2016-06-14 20:08 - 2016-05-28 06:24 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2016-06-14 20:08 - 2016-05-28 06:24 - 00053760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-06-14 20:08 - 2016-05-28 06:23 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2016-06-14 20:08 - 2016-05-28 06:23 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2016-06-14 20:08 - 2016-05-28 06:22 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2016-06-14 20:08 - 2016-05-28 06:22 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2016-06-14 20:08 - 2016-05-28 06:22 - 00278528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-06-14 20:08 - 2016-05-28 06:22 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\moshostcore.dll
2016-06-14 20:08 - 2016-05-28 06:22 - 00163328 _____ (Microsoft Corporation) C:\Windows\system32\tetheringservice.dll
2016-06-14 20:08 - 2016-05-28 06:22 - 00161280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe
2016-06-14 20:08 - 2016-05-28 06:22 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-06-14 20:08 - 2016-05-28 06:21 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2016-06-14 20:08 - 2016-05-28 06:21 - 00239104 _____ (Microsoft Corporation) C:\Windows\system32\BrokerLib.dll
2016-06-14 20:08 - 2016-05-28 06:21 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2016-06-14 20:08 - 2016-05-28 06:21 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2016-06-14 20:08 - 2016-05-28 06:21 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VSD3DWARPDebug.dll
2016-06-14 20:08 - 2016-05-28 06:21 - 00042496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.dll
2016-06-14 20:08 - 2016-05-28 06:20 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2016-06-14 20:08 - 2016-05-28 06:20 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\newdev.dll
2016-06-14 20:08 - 2016-05-28 06:20 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-06-14 20:08 - 2016-05-28 06:20 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2016-06-14 20:08 - 2016-05-28 06:20 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\GnssAdapter.dll
2016-06-14 20:08 - 2016-05-28 06:20 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Privacy.dll
2016-06-14 20:08 - 2016-05-28 06:20 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2016-06-14 20:08 - 2016-05-28 06:19 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2016-06-14 20:08 - 2016-05-28 06:19 - 00567808 _____ (Microsoft Corporation) C:\Windows\system32\MBMediaManager.dll
2016-06-14 20:08 - 2016-05-28 06:19 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvr.exe
2016-06-14 20:08 - 2016-05-28 06:19 - 00355840 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2016-06-14 20:08 - 2016-05-28 06:19 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2016-06-14 20:08 - 2016-05-28 06:18 - 11545088 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-06-14 20:08 - 2016-05-28 06:18 - 00678912 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2016-06-14 20:08 - 2016-05-28 06:18 - 00610816 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2016-06-14 20:08 - 2016-05-28 06:18 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2016-06-14 20:08 - 2016-05-28 06:18 - 00392192 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-06-14 20:08 - 2016-05-28 06:18 - 00380416 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2016-06-14 20:08 - 2016-05-28 06:18 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\VEEventDispatcher.dll
2016-06-14 20:08 - 2016-05-28 06:17 - 09918976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-06-14 20:08 - 2016-05-28 06:17 - 00963072 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2016-06-14 20:08 - 2016-05-28 06:17 - 00485888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\newdev.dll
2016-06-14 20:08 - 2016-05-28 06:17 - 00415232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StoreAgent.dll
2016-06-14 20:08 - 2016-05-28 06:17 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll
2016-06-14 20:08 - 2016-05-28 06:17 - 00278016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2016-06-14 20:08 - 2016-05-28 06:17 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\mdmmigrator.dll
2016-06-14 20:08 - 2016-05-28 06:16 - 19344384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-06-14 20:08 - 2016-05-28 06:16 - 00690176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-06-14 20:08 - 2016-05-28 06:16 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-06-14 20:08 - 2016-05-28 06:16 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\AppContracts.dll
2016-06-14 20:08 - 2016-05-28 06:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\tileobjserver.dll
2016-06-14 20:08 - 2016-05-28 06:16 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-06-14 20:08 - 2016-05-28 06:16 - 00291328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-06-14 20:08 - 2016-05-28 06:16 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2016-06-14 20:08 - 2016-05-28 06:15 - 00794624 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-06-14 20:08 - 2016-05-28 06:15 - 00579072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2016-06-14 20:08 - 2016-05-28 06:15 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2016-06-14 20:08 - 2016-05-28 06:15 - 00293888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2016-06-14 20:08 - 2016-05-28 06:15 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-06-14 20:08 - 2016-05-28 06:14 - 18674176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-06-14 20:08 - 2016-05-28 06:14 - 03292672 _____ (Microsoft Corporation) C:\Windows\system32\d3d12warp.dll
2016-06-14 20:08 - 2016-05-28 06:14 - 01716736 _____ (Microsoft Corporation) C:\Windows\system32\SRHInproc.dll
2016-06-14 20:08 - 2016-05-28 06:14 - 00965632 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2016-06-14 20:08 - 2016-05-28 06:14 - 00784384 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-06-14 20:08 - 2016-05-28 06:14 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VEEventDispatcher.dll
2016-06-14 20:08 - 2016-05-28 06:14 - 00200192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2016-06-14 20:08 - 2016-05-28 06:13 - 01387520 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2016-06-14 20:08 - 2016-05-28 06:13 - 00990208 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2016-06-14 20:08 - 2016-05-28 06:13 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2016-06-14 20:08 - 2016-05-28 06:13 - 00587776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2016-06-14 20:08 - 2016-05-28 06:13 - 00467456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppContracts.dll
2016-06-14 20:08 - 2016-05-28 06:12 - 00614400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-06-14 20:08 - 2016-05-28 06:12 - 00521728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-06-14 20:08 - 2016-05-28 06:11 - 02470912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d12warp.dll
2016-06-14 20:08 - 2016-05-28 06:11 - 01445888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRHInproc.dll
2016-06-14 20:08 - 2016-05-28 06:11 - 00890368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2016-06-14 20:08 - 2016-05-28 06:11 - 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2016-06-14 20:08 - 2016-05-28 06:11 - 00687616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-06-14 20:08 - 2016-05-28 06:11 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2016-06-14 20:08 - 2016-05-28 06:09 - 01073152 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2016-06-14 20:08 - 2016-05-28 06:08 - 13385728 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-06-14 20:08 - 2016-05-28 06:06 - 12128256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-06-14 20:08 - 2016-05-28 06:06 - 01339904 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-06-14 20:08 - 2016-05-28 06:05 - 03994624 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2016-06-14 20:08 - 2016-05-28 06:05 - 03664896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-06-14 20:08 - 2016-05-28 06:05 - 02582016 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2016-06-14 20:08 - 2016-05-28 06:05 - 01797120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2016-06-14 20:08 - 2016-05-28 06:04 - 06973952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-06-14 20:08 - 2016-05-28 06:04 - 00555520 _____ (Microsoft Corporation) C:\Windows\system32\SyncController.dll
2016-06-14 20:08 - 2016-05-28 06:04 - 00450560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncController.dll
2016-06-14 20:08 - 2016-05-28 06:03 - 05323776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-06-14 20:08 - 2016-05-28 06:03 - 02609664 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2016-06-14 20:08 - 2016-05-28 06:03 - 01185280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationFramework.dll
2016-06-14 20:08 - 2016-05-28 06:03 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\internetmail.dll
2016-06-14 20:08 - 2016-05-28 06:03 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
2016-06-14 20:08 - 2016-05-28 06:02 - 03590144 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-06-14 20:08 - 2016-05-28 06:02 - 02061824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2016-06-14 20:08 - 2016-05-28 06:02 - 01534464 _____ (Microsoft Corporation) C:\Windows\system32\LocationFramework.dll
2016-06-14 20:08 - 2016-05-28 06:02 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2016-06-14 20:08 - 2016-05-28 06:01 - 01799680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2016-06-14 20:08 - 2016-05-28 06:01 - 01582080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2016-06-14 20:08 - 2016-05-28 06:01 - 01500160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-06-14 20:08 - 2016-05-28 06:01 - 00111104 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2016-06-14 20:08 - 2016-05-28 06:00 - 05660160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-06-14 20:08 - 2016-05-28 06:00 - 03585536 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-06-14 20:08 - 2016-05-28 06:00 - 02635776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2016-06-14 20:08 - 2016-05-28 06:00 - 02230272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-06-14 20:08 - 2016-05-28 06:00 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2016-06-14 20:08 - 2016-05-28 06:00 - 01730560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-06-14 20:08 - 2016-05-28 06:00 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll
2016-06-14 20:08 - 2016-05-28 06:00 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2016-06-14 20:08 - 2016-05-28 06:00 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2016-06-14 20:08 - 2016-05-28 05:59 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2016-06-14 20:08 - 2016-05-28 05:58 - 07832576 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-06-14 20:08 - 2016-05-28 05:58 - 04896256 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-06-14 20:08 - 2016-05-28 05:58 - 02755584 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-06-14 20:08 - 2016-05-28 05:58 - 02066432 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2016-06-14 20:08 - 2016-05-28 05:57 - 02281472 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-06-14 20:08 - 2016-05-28 05:55 - 01390080 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Shell.dll
2016-06-14 20:08 - 2016-05-28 05:53 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\ngcpopkeysrv.dll
2016-06-14 19:50 - 2016-07-10 15:06 - 00001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2016-06-14 19:50 - 2016-07-10 15:06 - 00001214 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-07-10 15:22 - 2016-03-03 18:40 - 00000000 ____D C:\Users\eva\AppData\Local\CrashDumps
2016-07-10 15:22 - 2016-02-27 23:22 - 00000000 ___RD C:\Users\eva\OneDrive
2016-07-10 15:16 - 2016-02-27 23:22 - 01909068 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-10 15:16 - 2015-10-30 20:35 - 00817138 _____ C:\Windows\system32\perfh007.dat
2016-07-10 15:16 - 2015-10-30 20:35 - 00172644 _____ C:\Windows\system32\perfc007.dat
2016-07-10 15:16 - 2015-10-30 09:21 - 00000000 ____D C:\Windows\INF
2016-07-10 15:11 - 2016-02-28 00:03 - 00000000 ___RD C:\Users\eva\Creative Cloud Files
2016-07-10 15:11 - 2016-02-28 00:03 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-07-10 15:11 - 2016-02-27 23:58 - 00000000 ____D C:\Users\eva\AppData\Local\Adobe
2016-07-10 15:10 - 2016-06-07 20:07 - 00000000 ___RD C:\Users\eva\iCloudDrive
2016-07-10 15:10 - 2016-05-24 19:19 - 00000000 ____D C:\ProgramData\NVIDIA
2016-07-10 15:10 - 2016-02-27 23:28 - 00001140 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-10 15:10 - 2016-02-27 23:14 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-10 15:09 - 2015-10-30 08:28 - 00786432 ___SH C:\Windows\system32\config\BBI
2016-07-10 15:06 - 2016-06-09 15:07 - 00001056 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2015.lnk
2016-07-10 15:06 - 2016-06-09 15:02 - 00001063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015.lnk
2016-07-10 15:06 - 2016-06-07 19:49 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-07-10 15:06 - 2016-05-29 21:56 - 00000735 _____ C:\Users\Public\Desktop\Astroplus Dokumentation.lnk
2016-07-10 15:06 - 2016-05-25 02:04 - 00000746 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sublime Text 3.lnk
2016-07-10 15:06 - 2016-05-25 01:10 - 00000941 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2016-07-10 15:06 - 2016-05-25 01:10 - 00000941 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2016-07-10 15:06 - 2016-05-24 19:34 - 00001291 _____ C:\Users\Public\Desktop\XSplit Gamecaster.lnk
2016-07-10 15:06 - 2016-05-24 19:33 - 00001450 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-07-10 15:06 - 2016-05-24 19:33 - 00001140 _____ C:\Users\Public\Desktop\ASUS GPU TweakII.lnk
2016-07-10 15:06 - 2016-04-17 12:43 - 00000935 _____ C:\Users\Public\Desktop\ElsterFormular.lnk
2016-07-10 15:06 - 2016-04-06 13:32 - 00001079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom.lnk
2016-07-10 15:06 - 2016-03-27 18:06 - 00000802 _____ C:\Users\Public\Desktop\IrfanView Thumbnails.lnk
2016-07-10 15:06 - 2016-03-27 18:06 - 00000718 _____ C:\Users\Public\Desktop\IrfanView.lnk
2016-07-10 15:06 - 2016-03-19 19:40 - 00000780 _____ C:\Users\Public\Desktop\PuTTY.lnk
2016-07-10 15:06 - 2016-03-19 15:26 - 00000878 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk
2016-07-10 15:06 - 2016-03-19 15:26 - 00000794 _____ C:\Users\Public\Desktop\WinSCP.lnk
2016-07-10 15:06 - 2016-03-04 00:59 - 00000823 _____ C:\Users\Public\Desktop\OpenOffice 4.1.2.lnk
2016-07-10 15:06 - 2016-03-03 00:54 - 00000961 _____ C:\Users\Public\Desktop\FileZilla Client.lnk
2016-07-10 15:06 - 2016-02-29 01:22 - 00002697 _____ C:\Users\Public\Desktop\VR-NetWorld.lnk
2016-07-10 15:06 - 2016-02-28 15:45 - 00000847 _____ C:\Users\Public\Desktop\Git Bash.lnk
2016-07-10 15:06 - 2016-02-28 14:05 - 00000799 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2016-07-10 15:06 - 2016-02-28 12:24 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2016-07-10 15:06 - 2016-02-28 12:24 - 00002120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2016-07-10 15:06 - 2016-02-28 12:24 - 00002091 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2016-07-10 15:06 - 2016-02-28 00:53 - 00001123 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign CC 2015.lnk
2016-07-10 15:06 - 2016-02-27 23:28 - 00002432 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-07-10 15:06 - 2016-02-27 23:28 - 00002414 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-07-10 15:05 - 2016-06-09 19:01 - 00002080 _____ C:\Users\eva\Desktop\Windows Software Development Kit.lnk
2016-07-10 15:05 - 2016-05-25 12:48 - 00002057 _____ C:\Users\eva\Desktop\Willkommen zur ASUS Produktregistrierung.lnk
2016-07-10 15:05 - 2016-05-13 19:36 - 00001205 _____ C:\Users\eva\Desktop\sublime text 3.lnk
2016-07-10 15:05 - 2016-05-07 17:04 - 00001475 _____ C:\Users\eva\Desktop\PhpStorm EAP.lnk
2016-07-10 15:05 - 2016-04-06 13:32 - 00001067 _____ C:\Users\eva\Desktop\Adobe Lightroom.lnk
2016-07-10 15:05 - 2016-04-04 12:31 - 00001188 _____ C:\Users\eva\Desktop\AllDupPortable.lnk
2016-07-10 15:05 - 2016-03-17 22:09 - 00001421 _____ C:\Users\eva\Desktop\PhpStorm 2016.1.lnk
2016-07-10 15:05 - 2016-03-05 00:21 - 00001357 _____ C:\Users\eva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\toast.lnk
2016-07-10 15:05 - 2016-03-02 14:39 - 00001346 _____ C:\Users\eva\Desktop\homestead        vagrant up.lnk
2016-07-10 15:05 - 2016-02-29 01:17 - 00001111 _____ C:\Users\eva\Desktop\Steuer_FA_Bank.lnk
2016-07-10 15:05 - 2016-02-29 01:15 - 00001240 _____ C:\Users\eva\Desktop\locate32.lnk
2016-07-10 15:05 - 2016-02-28 12:10 - 00000789 _____ C:\Users\eva\Desktop\astrolog.lnk
2016-07-10 15:05 - 2016-02-27 23:22 - 00002383 _____ C:\Users\eva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-07-10 14:57 - 2016-03-03 15:54 - 00000000 ____D C:\Users\eva\AppData\Local\Apps\2.0
2016-07-10 14:57 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\System
2016-07-10 14:38 - 2016-02-27 23:28 - 00001144 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-10 14:34 - 2016-03-03 00:54 - 00000000 ____D C:\Users\eva\AppData\Roaming\FileZilla
2016-07-10 13:39 - 2016-03-05 16:08 - 00004166 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{42188E08-F75C-4F15-BB9B-3934F8C818AA}
2016-07-10 11:51 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\AppReadiness
2016-07-10 11:46 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-10 04:41 - 2016-02-27 23:16 - 00000000 ____D C:\Users\eva
2016-07-09 21:22 - 2016-04-15 18:30 - 00000000 ____D C:\Users\eva\AppData\Roaming\vlc
2016-07-09 21:20 - 2016-02-27 23:20 - 00000000 ____D C:\Users\eva\AppData\Local\Packages
2016-07-09 16:41 - 2016-02-28 19:32 - 00007224 _____ C:\Users\eva\.bash_history
2016-07-09 16:40 - 2016-02-28 19:27 - 00000000 ____D C:\Users\eva\.vagrant.d
2016-07-09 10:59 - 2016-02-28 14:05 - 00000000 ____D C:\Users\eva\.VirtualBox
2016-07-08 20:14 - 2016-03-04 23:31 - 00000000 ____D C:\Users\eva\AppData\Local\Composer
2016-07-08 14:46 - 2016-02-28 15:17 - 00000000 ____D C:\Users\eva\AppData\Roaming\Composer
2016-07-07 13:55 - 2016-05-19 19:51 - 00000000 ____D C:\Users\eva\Documents\KunstKateVolksdorf
2016-07-07 11:46 - 2016-02-28 14:45 - 00000000 ____D C:\php
2016-07-07 02:39 - 2016-02-28 14:27 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-07-05 09:16 - 2016-02-29 01:06 - 00000000 ____D C:\Users\Public\Documents\VR-NetWorld
2016-06-29 13:49 - 2016-03-03 00:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2016-06-28 17:21 - 2016-02-28 14:05 - 00917032 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2016-06-28 17:21 - 2016-02-28 14:05 - 00143568 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2016-06-25 17:58 - 2016-06-07 22:32 - 00000000 ____D C:\Users\eva\Documents\adressen
2016-06-25 14:28 - 2016-02-29 01:22 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-06-23 18:29 - 2016-02-28 00:11 - 00000000 ____D C:\Users\eva\Documents\Adobe
2016-06-23 18:29 - 2016-02-27 23:20 - 00000000 ____D C:\Users\eva\AppData\Roaming\Adobe
2016-06-23 15:16 - 2016-02-27 23:20 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-06-23 10:06 - 2016-03-31 16:50 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2016-06-22 22:58 - 2016-04-21 21:39 - 00000000 ____D C:\Program Files (x86)\TomTom
2016-06-22 22:57 - 2016-04-21 21:42 - 54989144 _____ C:\Users\eva\Downloads\TomTomMySportsConnectInstaller.exe
2016-06-21 16:17 - 2016-02-28 00:09 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-06-21 16:17 - 2016-02-28 00:09 - 00000000 ____D C:\Program Files\Adobe
2016-06-17 23:48 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\rescache
2016-06-17 23:24 - 2016-03-26 15:49 - 00000000 ____D C:\Users\eva\Downloads\bootstrap-3.3.6-dist
2016-06-17 17:22 - 2015-10-30 09:11 - 00000000 ____D C:\Windows\CbsTemp
2016-06-15 00:31 - 2016-02-27 23:11 - 04890512 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-15 00:26 - 2015-10-30 09:24 - 00000000 ___SD C:\Windows\system32\DiagSvcs
2016-06-15 00:26 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2016-06-15 00:26 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\bcastdvr
2016-06-14 21:40 - 2016-02-28 14:25 - 00000000 ____D C:\Windows\system32\MRT
2016-06-14 21:36 - 2016-02-28 14:25 - 142482544 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-06-14 20:33 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-14 20:33 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-14 19:50 - 2016-02-28 00:01 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-06-14 19:43 - 2016-03-03 15:54 - 00000000 ____D C:\Users\eva\AppData\Local\Deployment
2016-06-13 00:42 - 2016-03-08 16:37 - 00000000 ____D C:\Program Files (x86)\VR-NetWorld

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2010-08-28 22:43 - 2010-08-28 22:43 - 0096256 ____N (Google, inc) C:\Users\eva\AppData\Roaming\AdbWinApi.dll
2010-08-28 22:43 - 2010-08-28 22:43 - 0060928 ____N (Google, inc) C:\Users\eva\AppData\Roaming\AdbWinUsbApi.dll
2016-06-28 03:12 - 2016-06-28 03:12 - 0314434 ____N () C:\Users\eva\AppData\Roaming\EYapp.apk
2016-03-19 15:33 - 2016-03-19 20:23 - 0000600 _____ () C:\Users\eva\AppData\Roaming\winscp.rnd
2016-06-23 20:09 - 2016-06-23 20:09 - 0003584 _____ () C:\Users\eva\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-03-19 14:25 - 2016-04-22 23:48 - 0000600 _____ () C:\Users\eva\AppData\Local\PUTTY.RND
2016-03-20 21:05 - 2016-03-20 21:05 - 0000057 _____ () C:\ProgramData\Ament.ini

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\eva\vercolystecuyConfiguration.dll


Einige Dateien in TEMP:
====================
C:\Users\eva\AppData\Local\Temp\libeay32.dll
C:\Users\eva\AppData\Local\Temp\msvcr120.dll
C:\Users\eva\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-07-03 17:09

==================== Ende von FRST.txt ============================
         
--- --- ---

Alt 10.07.2016, 14:32   #5
quincycato
 
MPC Cleaner läßt sich nicht deinstallieren + Browser Umleitungen - windows 10 - Standard

MPC Cleaner läßt sich nicht deinstallieren + Browser Umleitungen - windows 10



und der 2te Durchlauf Addition.txt
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 09-07-2016
durchgeführt von eva (2016-07-10 15:28:15)
Gestartet von C:\Users\eva\Desktop
Windows 10 Pro Version 1511 (X64) (2016-02-27 21:15:50)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1764389191-2749221916-298074052-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1764389191-2749221916-298074052-503 - Limited - Disabled)
eva (S-1-5-21-1764389191-2749221916-298074052-1001 - Administrator - Enabled) => C:\Users\eva
Gast (S-1-5-21-1764389191-2749221916-298074052-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.7.0.272 - Adobe Systems Incorporated)
Adobe InDesign CC 2015 (HKLM-x32\...\{DBFD0312-6E55-1014-8952-E78D43BC0147}) (Version: 11.4.0.090 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.6 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2015.3 (HKLM-x32\...\AME_10_3_0) (Version: 10.3.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015.5 (HKLM-x32\...\PHSP_17_0) (Version: 17.0.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015.3 (HKLM-x32\...\PPRO_10_3_0) (Version: 10.3.0 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{981F324E-98F4-4784-B76F-04E92039F3F6}) (Version: 5.2.60328.3 - Microsoft Corporation)
Astrocontact Astroplus (HKLM-x32\...\Astrocontact Astroplus Demo_is1) (Version:  - Astrocontact Software)
ASUS GPU TweakII (HKLM-x32\...\InstallShield_{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.0.8.1 - ASUSTek COMPUTER INC.)
ASUS GPU TweakII (x32 Version: 1.0.8.1 - ASUSTek COMPUTER INC.) Hidden
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.026 - ASUSTek Computer Inc.)
Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.51210.80 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build Tools for Windows 10 - ENU (x32 Version: 14.0.25219 - Microsoft Corporation) Hidden
Build Tools for Windows 10 (x32 Version: 14.0.25219 - Microsoft Corporation) Hidden
CodedUITestUAP (x32 Version: 14.0.25219 - Microsoft Corporation) Hidden
Composer - Php Dependency Manager (HKLM-x32\...\{7315AF68-E777-496A-A6A2-4763A98ED35A}_is1) (Version:  - getcomposer.org)
Devenv-Ressourcen für Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Dotfuscator and Analytics Community Edition 5.19.1 (x32 Version: 5.19.1.3091 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack 5.19.1 de-DE (x32 Version: 5.19.1.3091 - PreEmptive Solutions) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 17.3.19290 - Landesfinanzdirektion Thüringen)
FileZilla Client 3.19.0 (HKLM-x32\...\FileZilla Client) (Version: 3.19.0 - Tim Kosse)
FRITZ!Box USB-Fernanschluss (HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\2db37667170956ee) (Version: 2.3.3.2 - AVM Berlin)
Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2015 Sprachpaket (DEU) - v1.7 (x32 Version: 1.7.40113.5 - Microsoft Corporation) Hidden
Git version 2.7.2 (HKLM\...\Git_is1) (Version: 2.7.2 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
HP Deskjet 3520 series - Grundlegende Software für das Gerät (HKLM\...\{15B2F0E3-3FAC-4495-B0FD-398EECFA4100}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3520 series Hilfe (HKLM-x32\...\{6B953497-169C-4929-9AA9-A9F510347468}) (Version: 27.0.0 - Hewlett Packard)
HP Deskjet 3520 series Setup Guide (HKLM-x32\...\{AEEDCEB7-00B8-4BE1-B492-AB04803D5F1E}) (Version: 27.0.0 - Hewlett Packard)
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version:  - )
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
hppP1100P1560P1600SeriesLaserJetService (x32 Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppusgP1100P1560P1600Series (x32 Version: 1.0.0.1 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
iCloud (HKLM\...\{ADFDB647-35C0-4254-9EE6-2D9C3B7104BD}) (Version: 5.2.1.69 - Apple Inc.)
IDE Tools for Windows 10 - ENU (x32 Version: 14.0.25219 - Microsoft Corporation) Hidden
IDE Tools for Windows 10 (x32 Version: 14.0.25219 - Microsoft Corporation) Hidden
Intellisense Lang Pack Mobile Extension SDK 10.0.10586.0 (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.42 - Irfan Skiljan)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
JetBrains PhpStorm 10.0.3 (HKLM-x32\...\PhpStorm 10.0.3) (Version: 143.1770 - JetBrains s.r.o.)
JetBrains PhpStorm 145.184.39 (HKLM-x32\...\PhpStorm 145.184.39) (Version: 145.184.39 - JetBrains s.r.o.)
JetBrains PhpStorm 2016.1 (HKLM-x32\...\PhpStorm 2016.1) (Version: 145.258.2 - JetBrains s.r.o.)
JetBrains PhpStorm 2016.1.1 (HKLM-x32\...\PhpStorm 2016.1.1) (Version: 145.969.15 - JetBrains s.r.o.)
Kits Configuration Installer (x32 Version: 10.1.10586.212 - Microsoft) Hidden
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25123 - Microsoft Corporation)
Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.25123 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects  (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Transact-SQL ScriptDom  (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 T-SQL Language Service  (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 mit Update 2 (HKLM-x32\...\{f2892dc5-7ac2-4ae4-a296-b5b159f61255}) (Version: 14.0.25123.0 - Microsoft Corporation)
Mit C# erstellte geräteübergreifende Hybrid-Apps - Vorlagen - DEU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.1.0 - Mozilla)
Mozilla Thunderbird 45.1.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.1.0 (x86 de)) (Version: 45.1.0 - Mozilla)
Mozilla Thunderbird 45.2.0 (x86 de) (HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\Mozilla Thunderbird 45.2.0 (x86 de)) (Version: 45.2.0 - Mozilla)
MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.25123 - Microsoft Corporation) Hidden
Node.js (HKLM\...\{7EB9C851-997C-4B84-BE81-D064FA62B0D4}) (Version: 5.10.1 - Node.js Foundation)
NVIDIA 3D Vision Controller-Treiber 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.39 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.39 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.14 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
OpenOffice 4.1.2 (HKLM-x32\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation)
OpenOffice 4.1.2 Language Pack (German) (HKLM-x32\...\{E0E6DB8D-D2B1-4A0B-A09C-44DBC09BF499}) (Version: 4.12.9782 - Apache Software Foundation)
Oracle VM VirtualBox 5.0.24 (HKLM\...\{BA15D402-19CA-493E-958B-170A0C446F25}) (Version: 5.0.24 - Oracle Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM-x32\...\{3F514FDC-F0F2-3B99-86D6-F7B3A2679B39}) (Version: 4.5.51209 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6 (Deutsch) (HKLM-x32\...\{FACF2669-E25A-428A-9167-5EEDE741F3B9}) (Version: 4.6.00127 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation)
PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Project and Item Templates for Visual Studio Express 2015 for Windows 10 - ENU (x32 Version: 14.0.25219 - Microsoft Corporation) Hidden
Project and Item Templates for Visual Studio Professionald 2015 - ENU (x32 Version: 14.0.25219 - Microsoft Corporation) Hidden
PuTTY release 0.67 (HKLM-x32\...\PuTTY_is1) (Version: 0.67 - Simon Tatham)
Python 3.5.1 (32-bit) (HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\{c39d559b-aa83-4476-ba20-988a35a1199a}) (Version: 3.5.1150.0 - Python Software Foundation)
Python 3.5.1 Add to Path (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Core Interpreter (32-bit debug) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Core Interpreter (32-bit symbols) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Core Interpreter (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Development Libraries (32-bit debug) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Development Libraries (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Documentation (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Executables (32-bit debug) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Executables (32-bit symbols) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Executables (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Launcher (32-bit) (HKLM-x32\...\{17778F7B-FB5A-4A93-9719-D75BAF673498}) (Version: 3.5.150.0 - Python Software Foundation)
Python 3.5.1 pip Bootstrap (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Standard Library (32-bit debug) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Standard Library (32-bit symbols) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Standard Library (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Tcl/Tk Support (32-bit debug) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Tcl/Tk Support (32-bit symbols) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Tcl/Tk Support (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Test Suite (32-bit debug) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Test Suite (32-bit symbols) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Test Suite (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Utility Scripts (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Roslyn Language Services - x86 (x32 Version: 14.0.25123 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (x32 Version: 14.0.25132 - Microsoft Corporation) Hidden
Screen Split (HKLM-x32\...\{7F0C2357-33B0-4408-A9AD-A7623FAA22B1}) (Version: 6.57 - LG Electronics Inc.)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Sublime Text Build 3114 (HKLM\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
Team Explorer for Microsoft Visual Studio 2015 Update 2 (x32 Version: 14.95.25118 - Microsoft) Hidden
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
TypeScript Power Tool (x32 Version: 1.8.9.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.8.31.0 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Redistributable (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Vagrant (HKLM-x32\...\{46269A3F-7DFD-4920-AC45-B598BEA166AA}) (Version: 1.8.4 - HashiCorp)
Visual Studio 2015 Update 2 (KB3022398) (HKLM-x32\...\{78c1b501-a6eb-4f29-88c5-84189564827e}) (Version: 14.0.25123 - Microsoft Corporation)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VR-NetWorld (HKLM-x32\...\{8815F011-43AF-4F50-BBD8-D78ED3D6F5B9}) (Version:  - )
VR-NetWorld Software (HKLM-x32\...\{084798D2-33EF-42CC-A925-970AF222898B}) (Version: 6.00.17 - Volksbanken Raiffeisenbanken)
VS Update core components (x32 Version: 14.0.25123 - Microsoft Corporation) Hidden
vs_update2notification (x32 Version: 14.0.25132 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
WCF Data Services 5.6.4 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
Windows 7 Games for Windows 8 and 10 (HKLM-x32\...\MicrosoftGamesForWin8) (Version: 1.1.0.10 - )
Windows SDK AddOn (HKLM-x32\...\{75C39BA6-1D02-4BEA-844F-0EA6C4B7FA1B}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.10586.212 (HKLM-x32\...\{43d9f43d-c90b-4fdf-9dfe-ecf9990bfa2a}) (Version: 10.1.10586.212 - Microsoft Corporation)
WinRT Intellisense Desktop - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense Xbox Live Extension SDK - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense Xbox Live Extension SDK - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinSCP 5.7.7 (HKLM-x32\...\winscp3_is1) (Version: 5.7.7 - Martin Prikryl)
XSplit Gamecaster (HKLM-x32\...\{8915913F-E4AF-46C5-B4EF-3535D83BFFDE}) (Version: 2.5.1507.3018 - SplitmediaLabs)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1764389191-2749221916-298074052-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-6B46570F42A0}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1764389191-2749221916-298074052-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\eva\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1764389191-2749221916-298074052-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {2592BE6C-EB83-4210-955F-9EF63AF3AE48} - System32\Tasks\AdobeAAMUpdater-1.0-EVASCOMPUTER-eva => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-05-05] (Adobe Systems Incorporated)
Task: {2C3F4CEB-C0DF-4C22-B512-5BBC28EEF5E5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-27] (Google Inc.)
Task: {3AC0ED25-46DC-4FAC-9DA9-4176A4C9C6BF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-06-14] (Microsoft Corporation)
Task: {5BF4B8EA-FB8A-4EA7-99CE-107B4A8607A5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {7AD13281-AD72-41DF-8929-E21AF802BB5D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-27] (Google Inc.)
Task: {8CD26B33-7E15-4589-916D-13D6DC08231B} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-03-25] (ASUSTek Computer Inc.)
Task: {A0871AE6-A033-4957-87C3-2C5B88791DAC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {AC5538EE-4D21-46A2-927D-4E927DF78F8F} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-eva@wehdemeyer.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-05-05] (Adobe Systems Incorporated)
Task: {CBD9382E-8B06-4AF1-AB9F-8AF43442AD83} - System32\Tasks\{FBAB2A37-92E4-40C1-BE7F-FE68411ACADE} => pcalua.exe -a "C:\Program Files\ZipTool\Uninstall.exe" -c -m=control
Task: {F4C32A4B-B0A7-407C-BF14-4096F856B31C} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => F:\programmie\VisualStudio\Common7\IDE\VSIXAutoUpdate.exe [2016-05-15] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\eva\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --load-extension="C:\Users\eva\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" 
ShortcutWithArgument: C:\Users\eva\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --load-extension="C:\Users\eva\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" 
ShortcutWithArgument: C:\Users\eva\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\8c6fe9a0a65c7f37\Google Chrome.lnk -> C:\Users\eva\AppData\Local\Google\Chrome\User Data\gequlywefegeretaward\Google Profile.ico () -> --profile-directory=gequlywefegeretaward
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --load-extension="C:\Users\eva\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" 
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --load-extension="C:\Users\eva\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" 

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:17 - 2015-10-30 09:17 - 00028672 _____ () C:\Windows\SYSTEM32\efsext.dll
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\Windows\SYSTEM32\ism32k.dll
2016-03-24 21:07 - 2012-08-31 16:03 - 00288768 ____N () C:\Windows\System32\HP1100LM.DLL
2016-03-24 21:15 - 2012-08-31 16:02 - 00074240 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HP1100PP.DLL
2015-08-18 22:31 - 2015-08-18 22:31 - 00048640 _____ () C:\Windows\SysWOW64\ASGT.exe
2016-05-24 20:45 - 2016-05-02 07:54 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-05-24 20:45 - 2016-05-02 07:54 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-05-24 20:45 - 2016-05-02 07:55 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-05-24 20:45 - 2016-05-02 07:55 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-05-24 20:45 - 2016-05-02 07:55 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-05-24 20:45 - 2016-05-02 07:55 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-05-24 20:45 - 2016-05-02 07:55 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-05-24 20:45 - 2016-05-02 07:55 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-04-12 19:44 - 2016-03-29 12:20 - 02656952 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-04-19 17:32 - 2016-04-19 17:33 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-04-12 19:44 - 2016-03-29 12:20 - 02656952 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-05-22 19:33 - 2016-05-22 19:33 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-05-24 17:43 - 2016-05-24 17:43 - 00959168 _____ () C:\Users\eva\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-02-28 15:17 - 2013-11-22 17:10 - 00103880 _____ () C:\Program Files (x86)\ComposerSetup\shellext64.dll
2016-02-28 14:24 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-10 23:29 - 2016-04-23 06:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-06-14 20:08 - 2016-05-28 05:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-06-14 20:08 - 2016-05-28 05:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-06-14 20:08 - 2016-05-28 05:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-06-14 20:08 - 2016-05-28 05:56 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-05-24 20:45 - 2016-05-02 07:54 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-05-24 20:45 - 2016-05-02 07:54 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-04-19 17:32 - 2016-04-19 17:33 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 17:32 - 2016-04-19 17:33 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-04-22 01:08 - 2016-04-22 01:08 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 00244024 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-04-22 01:08 - 2016-04-22 01:08 - 01047864 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-05-24 19:32 - 2016-05-02 08:02 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-06-17 23:39 - 2016-06-15 11:15 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
2016-06-17 23:39 - 2016-06-15 11:15 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-10-30 09:24 - 2016-07-10 02:50 - 00001331 ____A C:\Windows\system32\Drivers\etc\hosts

192.168.10.10       phpmyadmin.dev
192.168.10.11  		moiekraam.dev
192.168.10.10  		gedok_drei.dev
192.168.10.10  		katesieben2015.dev
192.168.10.10  		katesechs2015.dev
192.168.10.10  		kateacht2015.dev
192.168.10.10  		kateneun2015.dev
192.168.10.10  		KateEins2016Spark.dev
192.168.10.10  		schuermann.dev
192.168.10.10  		MoieLanding2.dev
192.168.10.10  		katezwei2016.dev
192.168.10.10  		katedrei2016.dev
192.168.10.10  		lw-2016-KatenBlog.dev
192.168.10.10  		wp.lw-2016-KatenBlog.dev

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1764389191-2749221916-298074052-1001\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [TCP Query User{784112A9-A3C6-4BDD-9ED8-46BA7A307E24}F:\programmie\virtualboxwin10\vboxheadless.exe] => (Allow) F:\programmie\virtualboxwin10\vboxheadless.exe
FirewallRules: [UDP Query User{241D35D6-8731-4CA8-984E-422512C48EE2}F:\programmie\virtualboxwin10\vboxheadless.exe] => (Allow) F:\programmie\virtualboxwin10\vboxheadless.exe
FirewallRules: [{F4A6582C-1073-4442-B4E6-948D9130B9AD}] => (Allow) C:\Users\eva\AppData\Local\Apps\2.0\62J1R0O9.AQA\R005Z9K4.V1V\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe
FirewallRules: [{71550C36-8C38-4023-83EC-50DF5EF66FD3}] => (Allow) C:\Users\eva\AppData\Local\Apps\2.0\62J1R0O9.AQA\R005Z9K4.V1V\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe
FirewallRules: [TCP Query User{DFCB7EEF-64DC-4E38-8411-9043634D4B97}C:\users\eva\appdata\local\apps\2.0\62j1r0o9.aqa\r005z9k4.v1v\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe] => (Allow) C:\users\eva\appdata\local\apps\2.0\62j1r0o9.aqa\r005z9k4.v1v\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe
FirewallRules: [UDP Query User{03CDE024-49F7-4AFE-A14D-EAA929A2C7B3}C:\users\eva\appdata\local\apps\2.0\62j1r0o9.aqa\r005z9k4.v1v\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe] => (Allow) C:\users\eva\appdata\local\apps\2.0\62j1r0o9.aqa\r005z9k4.v1v\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe
FirewallRules: [{9BBACB26-BB64-4EAF-AFBD-1BA7B4124F78}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\DeviceSetup.exe
FirewallRules: [{2DC9576D-28D8-472D-8433-6962859A39FE}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{8ED3AD6D-AB33-4C31-AF5B-BDBA2D5976AF}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{2981F380-867B-4867-903E-E4D3288068C9}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{B8C0C8A8-1219-4229-AD8F-DB01EB2E1F3A}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{20BB3DA7-B517-4182-BBDF-D11DF0A54F1D}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{F7F92C6B-1E55-4E50-805F-174271A587BA}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{BA72B91B-ED78-4851-8100-2E5F36CA6479}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{B3CB3673-4F10-4074-8417-C72C7249F17D}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{85A1331A-1F28-4627-91A0-3319129B2E2C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{826AD43B-2EB6-40C8-B0B4-8C986844D993}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{9333F9D2-6F7D-4966-A834-BA7B8789FDF2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{C2816592-6068-43F3-B12B-4AA4168A5745}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{21F23D24-9663-44FF-B24E-F683694D9BB9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{44EB0A33-6357-430D-A878-9451A45E104F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{814CA135-EA5C-4B63-B4A4-9EFE6F306F2D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B690A38D-BEF2-47CF-905F-1E639DF45DA8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{47251C24-8FF7-4958-AEF9-42F31057750F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{06859BF8-A87B-4669-AFF7-A4831A25E8E6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5BBA4D12-2EBE-4318-9275-A5BE63B151BB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B4BE8013-364F-4C28-A149-C37A9F2D52D6}] => (Allow) F:\programmie\VisualStudio\Common7\IDE\devenv.exe
FirewallRules: [{CA974891-3E95-4F3D-9908-67B01417506B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{CABD434D-12EF-46ED-8836-FCBDDDF2E21C}F:\programme\vlc\vlc.exe] => (Allow) F:\programme\vlc\vlc.exe
FirewallRules: [UDP Query User{BB3447DA-0C58-4DC8-8D93-F702EE4E50E9}F:\programme\vlc\vlc.exe] => (Allow) F:\programme\vlc\vlc.exe
FirewallRules: [{CCE4E61E-3B78-40C8-84BC-5CA0D7448E50}] => (Allow) C:\Program Files (x86)\GreatMaker\MaohaWiFi\MaohaWifiSvr.exe
FirewallRules: [{5AF5EAF8-AFDD-4335-B666-8593FBD2070E}] => (Allow) C:\Program Files (x86)\GreatMaker\MaohaWiFi\DrvUpdate.exe

==================== Wiederherstellungspunkte =========================

22-06-2016 09:03:53 Geplanter Prüfpunkt
25-06-2016 14:28:33 Installiert Screen Split
01-07-2016 14:07:10 Installed Oracle VM VirtualBox 5.0.24
07-07-2016 12:47:18 AMDCleanupUtility Restore Point
10-07-2016 15:22:11 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Coprozessor
Description: Coprozessor
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/10/2016 03:22:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Adobe CEF Helper.exe, Version: 3.7.0.271, Zeitstempel: 0x57515883
Name des fehlerhaften Moduls: libcef.dll, Version: 3.2171.2069.0, Zeitstempel: 0x551bdc44
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00444106
ID des fehlerhaften Prozesses: 0x211c
Startzeit der fehlerhaften Anwendung: 0xAdobe CEF Helper.exe0
Pfad der fehlerhaften Anwendung: Adobe CEF Helper.exe1
Pfad des fehlerhaften Moduls: Adobe CEF Helper.exe2
Berichtskennung: Adobe CEF Helper.exe3
Vollständiger Name des fehlerhaften Pakets: Adobe CEF Helper.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Adobe CEF Helper.exe5

Error: (07/10/2016 03:22:13 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (07/10/2016 03:08:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Adobe CEF Helper.exe, Version: 3.7.0.271, Zeitstempel: 0x57515883
Name des fehlerhaften Moduls: libcef.dll, Version: 3.2171.2069.0, Zeitstempel: 0x551bdc44
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00444106
ID des fehlerhaften Prozesses: 0x201c
Startzeit der fehlerhaften Anwendung: 0xAdobe CEF Helper.exe0
Pfad der fehlerhaften Anwendung: Adobe CEF Helper.exe1
Pfad des fehlerhaften Moduls: Adobe CEF Helper.exe2
Berichtskennung: Adobe CEF Helper.exe3
Vollständiger Name des fehlerhaften Pakets: Adobe CEF Helper.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Adobe CEF Helper.exe5

Error: (07/10/2016 12:41:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nsh70D1.exe, Version: 0.0.0.0, Zeitstempel: 0x578224d8
Name des fehlerhaften Moduls: nsh70D1.exe, Version: 0.0.0.0, Zeitstempel: 0x578224d8
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00013146
ID des fehlerhaften Prozesses: 0x20b8
Startzeit der fehlerhaften Anwendung: 0xnsh70D1.exe0
Pfad der fehlerhaften Anwendung: nsh70D1.exe1
Pfad des fehlerhaften Moduls: nsh70D1.exe2
Berichtskennung: nsh70D1.exe3
Vollständiger Name des fehlerhaften Pakets: nsh70D1.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: nsh70D1.exe5

Error: (07/10/2016 12:41:11 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: nsh70D1.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: Ausnahmecode c0000005, Ausnahmeadresse 00E03146
Stapel:

Error: (07/10/2016 04:21:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nsr710F.exe, Version: 0.0.0.0, Zeitstempel: 0x5781ad51
Name des fehlerhaften Moduls: nsr710F.exe, Version: 0.0.0.0, Zeitstempel: 0x5781ad51
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00013146
ID des fehlerhaften Prozesses: 0x204c
Startzeit der fehlerhaften Anwendung: 0xnsr710F.exe0
Pfad der fehlerhaften Anwendung: nsr710F.exe1
Pfad des fehlerhaften Moduls: nsr710F.exe2
Berichtskennung: nsr710F.exe3
Vollständiger Name des fehlerhaften Pakets: nsr710F.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: nsr710F.exe5

Error: (07/10/2016 04:21:14 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: nsr710F.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: Ausnahmecode c0000005, Ausnahmeadresse 00053146
Stapel:

Error: (07/10/2016 03:01:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nsk5FAA.exe, Version: 0.0.0.0, Zeitstempel: 0x57819843
Name des fehlerhaften Moduls: nsk5FAA.exe, Version: 0.0.0.0, Zeitstempel: 0x57819843
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00013146
ID des fehlerhaften Prozesses: 0x13bc
Startzeit der fehlerhaften Anwendung: 0xnsk5FAA.exe0
Pfad der fehlerhaften Anwendung: nsk5FAA.exe1
Pfad des fehlerhaften Moduls: nsk5FAA.exe2
Berichtskennung: nsk5FAA.exe3
Vollständiger Name des fehlerhaften Pakets: nsk5FAA.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: nsk5FAA.exe5

Error: (07/10/2016 03:01:54 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: nsk5FAA.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: Ausnahmecode c0000005, Ausnahmeadresse 00223146
Stapel:

Error: (07/10/2016 12:25:56 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SystemHealer.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 8e4

Startzeit: 01d1da30a38e7863

Beendigungszeit: 4294967295

Anwendungspfad: C:\Program Files (x86)\SystemHealer\SystemHealer.exe

Berichts-ID: 1a12cd2d-4624-11e6-b242-bcaec528e8f5

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:


Systemfehler:
=============
Error: (07/10/2016 03:12:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Coacuiedclernege Module" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2 = Das System kann die angegebene Datei nicht finden.


Error: (07/10/2016 03:09:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_40129" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/10/2016 03:09:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _40129" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/10/2016 03:09:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_40129" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/10/2016 03:09:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_40129" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/10/2016 03:09:07 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (07/10/2016 03:09:01 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056 = Es wird bereits eine Instanz des Dienstes ausgeführt.


Error: (07/10/2016 03:08:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/10/2016 03:08:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/10/2016 03:08:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "VIA Karaoke digital mixer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2016-07-10 15:28:02.581
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-10 15:28:02.564
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-10 15:27:10.881
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-10 15:27:10.865
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-10 15:18:23.280
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-10 15:18:23.264
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-10 15:18:21.230
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-10 15:18:21.212
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-10 15:05:00.778
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-10 15:05:00.759
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: AMD Phenom(tm) II X4 955 Processor
Prozentuale Nutzung des RAM: 32%
Installierter physikalischer RAM: 8191.17 MB
Verfügbarer physikalischer RAM: 5505.27 MB
Summe virtueller Speicher: 9471.17 MB
Verfügbarer virtueller Speicher: 6507.91 MB

==================== Laufwerke ================================

Drive c: (SSD500) (Fixed) (Total:465.76 GB) (Free:346.49 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (W-Elements) (Fixed) (Total:1397.26 GB) (Free:1106.8 GB) NTFS
Drive f: (zweite) (Fixed) (Total:931.51 GB) (Free:623.82 GB) NTFS
Drive x: () (Fixed) (Total:119.14 GB) (Free:29.08 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: FF67AEEB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 00510050)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 247A7B0F)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 1397.3 GB) (Disk ID: 0012A785)
Partition 1: (Not Active) - (Size=1397.3 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         


Alt 11.07.2016, 14:00   #6
M-K-D-B
/// TB-Ausbilder
 
MPC Cleaner läßt sich nicht deinstallieren + Browser Umleitungen - windows 10 - Standard

MPC Cleaner läßt sich nicht deinstallieren + Browser Umleitungen - windows 10



Servus,



gut gemacht.


So geht es weiter:





Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
ATTFilter
start
CloseProcesses:
C:\Program Files (x86)\mpck
S2 CoacuiedclernegeModulejedeentsherwusy.exe; "C:\Program Files (x86)\Stabily\CoacuiedclernegeModulejedeentsherwusy.exe" {C25DA384-2010-45A4-A1ED-BFA540D4789B} {9DC74CD5-24EA-4ADE-9C42-608A8CE17116} [X]
C:\Program Files (x86)\Stabily
C:\Users\eva\vercolystecuyConfiguration.dll
CustomCLSID: HKU\S-1-5-21-1764389191-2749221916-298074052-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-6B46570F42A0}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
C:\Users\eva\AppData\Local\prevuchnirolyghucult
Task: {CBD9382E-8B06-4AF1-AB9F-8AF43442AD83} - System32\Tasks\{FBAB2A37-92E4-40C1-BE7F-FE68411ACADE} => pcalua.exe -a "C:\Program Files\ZipTool\Uninstall.exe" -c -m=control
C:\Users\eva\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk
C:\Users\eva\AppData\Local\Google\Chrome\User Data\gequlywefegeretaward
ShortcutWithArgument: C:\Users\eva\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --load-extension="C:\Users\eva\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" 
ShortcutWithArgument: C:\Users\eva\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --load-extension="C:\Users\eva\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" 
ShortcutWithArgument: C:\Users\eva\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\8c6fe9a0a65c7f37\Google Chrome.lnk -> C:\Users\eva\AppData\Local\Google\Chrome\User Data\gequlywefegeretaward\Google Profile.ico () -> --profile-directory=gequlywefegeretaward
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --load-extension="C:\Users\eva\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" 
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --load-extension="C:\Users\eva\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk"
CMD: FOR /D %a IN ("%SYSTEMDRIVE%\Users\*") DO FOR /D %b IN ("%a\AppData\Local\Tempzxpsign*") DO ( RD "%b" /S /Q )
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.







Schritt 2
  • Starte FRST erneut.
  • Kopiere den Inhalt der folgenden Code-Box in die Zeile "Suche":
    Code:
    ATTFilter
    MPC Cleaner;CloudPrinter;Max Driver Updater;mpc.am;yeabests;
             
  • Drücke auf Registry-Suche.
  • FRST beginnt mit dem Suchlauf. Dies kann einige Zeit dauern.
  • Am Ende erstellt FRST eine Textdatei Search.txt.
  • Poste mir deren Inhalt mit deiner nächsten Antwort.





Schritt 3
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • die neue Logdatei von FRST (Search.txt),
  • die beiden neuen Logdateien von FRST (FRST.txt und Addition.txt).

Alt 11.07.2016, 23:52   #7
quincycato
 
MPC Cleaner läßt sich nicht deinstallieren + Browser Umleitungen - windows 10 - Standard

MPC Cleaner läßt sich nicht deinstallieren + Browser Umleitungen - windows 10



Ah, Hallo,
sorry war lange @work. Komme erst morgen abend dazu, die weiteren Schritte abzuarbeiten. Danke
bis dann
eva

so, hab's doch noch erledigt.
Fixlog
Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 10-07-2016 01
durchgeführt von eva (2016-07-12 00:07:29) Run:2
Gestartet von C:\Users\eva\Desktop
Geladene Profile: eva (Verfügbare Profile: eva)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
C:\Program Files (x86)\mpck
S2 CoacuiedclernegeModulejedeentsherwusy.exe; "C:\Program Files (x86)\Stabily\CoacuiedclernegeModulejedeentsherwusy.exe" {C25DA384-2010-45A4-A1ED-BFA540D4789B} {9DC74CD5-24EA-4ADE-9C42-608A8CE17116} [X]
C:\Program Files (x86)\Stabily
C:\Users\eva\vercolystecuyConfiguration.dll
CustomCLSID: HKU\S-1-5-21-1764389191-2749221916-298074052-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-6B46570F42A0}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
C:\Users\eva\AppData\Local\prevuchnirolyghucult
Task: {CBD9382E-8B06-4AF1-AB9F-8AF43442AD83} - System32\Tasks\{FBAB2A37-92E4-40C1-BE7F-FE68411ACADE} => pcalua.exe -a "C:\Program Files\ZipTool\Uninstall.exe" -c -m=control
C:\Users\eva\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk
C:\Users\eva\AppData\Local\Google\Chrome\User Data\gequlywefegeretaward
ShortcutWithArgument: C:\Users\eva\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --load-extension="C:\Users\eva\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" 
ShortcutWithArgument: C:\Users\eva\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --load-extension="C:\Users\eva\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" 
ShortcutWithArgument: C:\Users\eva\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\8c6fe9a0a65c7f37\Google Chrome.lnk -> C:\Users\eva\AppData\Local\Google\Chrome\User Data\gequlywefegeretaward\Google Profile.ico () -> --profile-directory=gequlywefegeretaward
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --load-extension="C:\Users\eva\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" 
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --load-extension="C:\Users\eva\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk"
CMD: FOR /D %a IN ("%SYSTEMDRIVE%\Users\*") DO FOR /D %b IN ("%a\AppData\Local\Tempzxpsign*") DO ( RD "%b" /S /Q )
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
*****************

Prozess erfolgreich geschlossen.
C:\Program Files (x86)\mpck => erfolgreich verschoben
CoacuiedclernegeModulejedeentsherwusy.exe => Dienst erfolgreich entfernt
C:\Program Files (x86)\Stabily => erfolgreich verschoben
C:\Users\eva\vercolystecuyConfiguration.dll => erfolgreich verschoben
"HKU\S-1-5-21-1764389191-2749221916-298074052-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-6B46570F42A0}" => Schlüssel erfolgreich entfernt
C:\Users\eva\AppData\Local\prevuchnirolyghucult => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CBD9382E-8B06-4AF1-AB9F-8AF43442AD83}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CBD9382E-8B06-4AF1-AB9F-8AF43442AD83}" => Schlüssel erfolgreich entfernt
C:\Windows\System32\Tasks\{FBAB2A37-92E4-40C1-BE7F-FE68411ACADE} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FBAB2A37-92E4-40C1-BE7F-FE68411ACADE}" => Schlüssel erfolgreich entfernt
"C:\Users\eva\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" => nicht gefunden.
C:\Users\eva\AppData\Local\Google\Chrome\User Data\gequlywefegeretaward => erfolgreich verschoben
C:\Users\eva\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk => Verknüpfung Eigenschaft erfolgreich entfernt.
C:\Users\eva\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk => Verknüpfung Eigenschaft erfolgreich entfernt.
C:\Users\eva\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\8c6fe9a0a65c7f37\Google Chrome.lnk => Verknüpfung Eigenschaft erfolgreich entfernt.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk => Verknüpfung Eigenschaft erfolgreich entfernt.
C:\Users\Public\Desktop\Google Chrome.lnk => Verknüpfung Eigenschaft erfolgreich entfernt.

========= FOR /D %a IN ("%SYSTEMDRIVE%\Users\*") DO FOR /D %b IN ("%a\AppData\Local\Tempzxpsign*") DO ( RD "%b" /S /Q ) =========


========= Ende vonCMD: =========


========= RemoveProxy: =========

HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies\\ => Wert erfolgreich entfernt
HKU\S-1-5-21-1764389191-2749221916-298074052-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1764389191-2749221916-298074052-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========


========= ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Aufl�sungscache wurde geleert.

========= Ende vonCMD: =========


========= netsh winsock reset =========


Der Winsock-Katalog wurde zur�ckgesetzt.
Sie m�ssen den Computer neu starten, um den Vorgang abzuschlie�en.


========= Ende vonCMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 32768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 32751664 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 203629 B
Edge => 0 B
Chrome => 0 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 5532 B
eva => 106238467 B

RecycleBin => 76365 B
EmptyTemp: => 132.9 MB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 00:07:39 ====
         
Search.txt
Code:
ATTFilter
Farbar Recovery Scan Tool (x64) Version: 10-07-2016 01
durchgeführt von eva (2016-07-12 00:26:24)
Gestartet von C:\Users\eva\Desktop
Start-Modus: Normal

================== Registry-Suche: "MPC Cleaner;CloudPrinter;Max Driver Updater;mpc.am;yeabests" ===========


===================== Suchergebnis für "MPC Cleaner" ==========

[HKEY_USERS\S-1-5-21-1764389191-2749221916-298074052-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"10"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC\MPC Cleaner.lnk
C:\Program Files (x86)\MPC Cleaner\MPC.exe
"


===================== Suchergebnis für "Max Driver Updater" ==========

[HKEY_USERS\S-1-5-21-1764389191-2749221916-298074052-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files (x86)\Max Driver Updater\UninstallerCaster.exe"="0x5341435001000000000000000700000028000000003C02000000000003000000000000000000000AF522000059193B14E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000CA080000000000000100000001000000"
====== Ende von Suche ======
         
FRST.txt

FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 10-07-2016 01
durchgeführt von eva (Administrator) auf EVASCOMPUTER (12-07-2016 00:31:09)
Gestartet von C:\Users\eva\Desktop
Geladene Profile: eva (Verfügbare Profile: eva)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
() C:\Windows\SysWOW64\ASGT.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(AVM Berlin) C:\Users\eva\AppData\Local\Apps\2.0\62J1R0O9.AQA\R005Z9K4.V1V\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe
(TomTom) C:\Program Files (x86)\TomTom\MySportsConnect\TomTom MySports Connect.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) F:\programme\mozilla\thunderbird\thunderbird.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() F:\programme\locate32_x64-3.1.11.7100\locate32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-05-05] (Adobe Systems Incorporated)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2380480 2016-06-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1867448 2016-05-27] (Adobe Systems Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe [30264 2009-08-04] (Hewlett-Packard Company)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\Run: [AVMUSBFernanschluss] => C:\Users\eva\AppData\Local\Apps\2.0\62J1R0O9.AQA\R005Z9K4.V1V\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\AVMAutoStart.exe [139264 2016-03-03] (AVM Berlin)
HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [882872 2016-05-27] (Adobe Systems Incorporated)
HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\Run: [HP Deskjet 3520 series (NET)] => C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\Run: [TomTom MySports Connect.exe] => C:\Program Files (x86)\TomTom\MySportsConnect\TomTom MySports Connect.exe [3834368 2016-06-20] (TomTom)
HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2016-04-22] (Apple Inc.)
HKU\S-1-5-18\...\RunOnce: [Application Restart #3] => C:\Program Files (x86)\ASUS\GPU TweakII\Monitor.exe [2640336 2015-08-27] (TODO: <Company name>)
HKU\S-1-5-18\...\RunOnce: [Application Restart #4] => C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe [5602768 2015-09-01] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VR-NetWorld Auftragsprüfung.lnk [2016-07-10]
ShortcutTarget: VR-NetWorld Auftragsprüfung.lnk -> C:\Windows\Installer\{084798D2-33EF-42CC-A925-970AF222898B}\NewShortcut1_5A2CAB8514594533A6B50E3D23448BE1.exe (Flexera Software LLC)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{c6ef35ba-7431-4f1d-936d-26820bb64337}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-24] (Google Inc.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-26] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-24] (Google Inc.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-26] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-24] (Google Inc.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-24] (Google Inc.)

FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-06-08] (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-26] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-06-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-06-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-06-08] (Adobe Systems)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat DC - Create PDF - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2016-02-28]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-03-31] [ist nicht signiert]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [737984 2016-06-03] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [48640 2015-08-18] () [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21184 2016-03-29] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [137216 2016-03-29] (Microsoft Corporation) [Datei ist nicht signiert]
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36504 2015-06-22] (VIA Technologies, Inc.)
S3 VSStandardCollectorService140; F:\programmie\VisualStudio\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [56552 2016-03-22] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [23240 2016-02-26] (Advanced Micro Devices, Inc.)
R3 avmaura; C:\Windows\System32\drivers\avmaura.sys [116480 2016-03-03] (AVM Berlin)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-07-12] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-09-26] (Marvell Semiconductor, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation)
R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [119712 2016-06-28] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [192864 2016-06-28] (Oracle Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-07-12 00:31 - 2016-07-12 00:31 - 00019705 _____ C:\Users\eva\Desktop\FRST.txt
2016-07-12 00:28 - 2016-07-12 00:29 - 00000000 ____D C:\Users\eva\Desktop\frst-logs
2016-07-12 00:26 - 2016-07-12 00:26 - 00001125 _____ C:\Users\eva\Desktop\Search.txt
2016-07-12 00:07 - 2016-07-12 00:07 - 00006470 _____ C:\Users\eva\Desktop\Fixlog.txt
2016-07-12 00:06 - 2016-07-12 00:06 - 00000000 ____D C:\Users\eva\Desktop\FRST-OlderVersion
2016-07-11 23:57 - 2016-07-11 23:57 - 00000000 ___HD C:\OneDriveTemp
2016-07-10 21:25 - 2016-07-10 21:25 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-07-10 21:25 - 2016-06-29 19:21 - 00111552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-07-10 21:25 - 2016-05-04 04:23 - 00129824 _____ C:\Windows\SysWOW64\vulkan-1.dll
2016-07-10 21:25 - 2016-05-04 04:22 - 00130848 _____ C:\Windows\system32\vulkan-1.dll
2016-07-10 21:25 - 2016-05-04 04:22 - 00045344 _____ C:\Windows\system32\vulkaninfo.exe
2016-07-10 21:25 - 2016-05-04 04:22 - 00040224 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2016-07-10 21:24 - 2016-07-10 21:25 - 00000000 ____D C:\Windows\LastGood.Tmp
2016-07-10 21:24 - 2016-06-30 00:39 - 00213952 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2016-07-10 21:24 - 2016-06-30 00:39 - 00201664 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 39979576 _____ C:\Windows\system32\nvcompiler.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 35115968 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 31663040 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 25431608 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 17747392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 10680808 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 10656296 _____ C:\Windows\system32\nvptxJitCompiler.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 10224024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 09013792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 08741848 _____ C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 08608120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 02845120 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 02471992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 01922616 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436869.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 01579976 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 01573432 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436869.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00984512 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00909248 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00787384 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00786176 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFThevc.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00771640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00709176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00669952 _____ C:\Windows\system32\nvfatbinaryLoader.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00632848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00631288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFThevc.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00601936 _____ C:\Windows\system32\nvmcumd.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00565208 _____ C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00549424 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00452432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00423360 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00383936 _____ (NVIDIA Corporation) C:\Windows\system32\nvDecMFTMjpeg.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00379808 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00379448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00348216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvDecMFTMjpeg.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00316632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00178136 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00155768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00153232 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00131584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00046024 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2016-07-10 15:33 - 2016-07-10 15:33 - 00067306 _____ C:\Users\eva\Desktop\FRST-2.txt
2016-07-10 15:17 - 2016-07-10 15:21 - 01610560 _____ (Malwarebytes) C:\Users\eva\Desktop\JRT.exe
2016-07-10 15:05 - 2016-07-10 15:08 - 00000000 ____D C:\AdwCleaner
2016-07-10 15:03 - 2016-07-10 15:04 - 03712064 _____ C:\Users\eva\Desktop\AdwCleaner_5.201.exe
2016-07-10 14:15 - 2016-07-12 00:12 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-07-10 14:15 - 2016-07-10 15:06 - 00001171 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-07-10 14:15 - 2016-07-10 14:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-07-10 14:15 - 2016-07-10 14:15 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-07-10 14:15 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-07-10 14:15 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-07-10 14:15 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-07-10 13:10 - 2016-07-10 13:10 - 00004238 _____ C:\Users\eva\Desktop\MPC-log-aus-dem-win_tmp.txt
2016-07-10 12:39 - 2016-07-10 12:39 - 00066249 _____ C:\Users\eva\Downloads\FRST.txt
2016-07-10 12:38 - 2016-07-12 00:06 - 02390528 _____ (Farbar) C:\Users\eva\Desktop\FRST64.exe
2016-07-10 04:06 - 2016-07-10 04:06 - 00388608 _____ (Trend Micro Inc.) C:\Users\eva\Downloads\HijackThis.exe
2016-07-10 03:31 - 2016-07-10 03:38 - 00061356 _____ C:\Users\eva\Downloads\Addition.txt
2016-07-10 03:24 - 2016-07-12 00:31 - 00000000 ____D C:\FRST
2016-07-10 03:22 - 2016-07-10 03:22 - 01740288 _____ (Farbar) C:\Users\eva\Downloads\FRST.exe
2016-07-10 03:12 - 2016-07-10 03:12 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-07-10 03:10 - 2016-07-10 03:11 - 22851472 _____ (Malwarebytes ) C:\Users\eva\Downloads\mbam-setup-2.2.1.1043.exe
2016-07-10 01:43 - 2016-07-10 01:43 - 00000000 ____D C:\$SysReset
2016-07-10 00:59 - 2016-07-10 00:59 - 00250912 _____ C:\Windows\SysWOW64\kz.exe
2016-07-10 00:20 - 2016-07-10 00:20 - 00000000 ____D C:\Program Files (x86)\Maxthon
2016-07-10 00:19 - 2016-07-10 00:19 - 00092872 _____ (WinMount International Inc) C:\Windows\system32\Drivers\KuaiZipDrive.sys
2016-07-10 00:18 - 2016-07-10 01:02 - 00000000 ____D C:\Program Files (x86)\GreatMaker
2016-07-10 00:17 - 2016-07-10 01:00 - 00000000 ____D C:\Windows\system32\SSL
2016-07-10 00:14 - 2016-07-10 00:12 - 00001691 _____ C:\Windows\system32\Drivers\etc\hp.bak
2016-07-07 12:52 - 2016-07-07 12:52 - 00000036 _____ C:\Users\eva\Desktop\altephp5.6versionausdemPath.txt
2016-07-07 12:46 - 2016-07-07 12:47 - 06737632 _____ (Advanced Micro Devices) C:\Users\eva\Downloads\amd1560cleanuputility.exe
2016-07-07 11:33 - 2016-07-07 11:33 - 21953914 _____ C:\Users\eva\Downloads\php-7.0.8-nts-Win32-VC14-x86.zip
2016-07-05 18:29 - 2016-07-05 18:29 - 00000967 _____ C:\Users\eva\Desktop\NLP-8-9.Okt-ExplorersKompakt-gewonnen.txt
2016-07-02 00:57 - 2016-07-02 00:57 - 00002133 _____ C:\Users\eva\Desktop\GEDOK-Anforderungen-2.txt
2016-07-01 14:19 - 2016-07-01 20:19 - 00004323 _____ C:\Users\eva\Desktop\gedok-feeds.txt
2016-07-01 14:07 - 2016-07-01 14:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2016-07-01 14:03 - 2016-07-01 14:05 - 113455072 _____ (Oracle Corporation) C:\Users\eva\Downloads\VirtualBox-5.0.24-108355-Win.exe
2016-07-01 13:53 - 2016-07-01 13:54 - 173203674 _____ C:\Users\eva\Downloads\vagrant_1.8.4.msi
2016-06-30 11:18 - 2016-06-30 11:19 - 00000000 ____D C:\Users\eva\Documents\Kurse
2016-06-30 10:06 - 2016-06-30 10:06 - 00028160 _____ C:\Users\eva\Documents\vr-export-wegleitner.xls
2016-06-29 14:31 - 2016-06-29 14:31 - 00002165 _____ C:\Users\eva\Desktop\GEDOK-Anforderungen.txt
2016-06-29 13:48 - 2016-06-29 13:48 - 06569088 _____ (Tim Kosse) C:\Users\eva\Downloads\FileZilla_3.19.0_win64-setup.exe
2016-06-29 12:31 - 2016-07-08 22:07 - 00000000 ____D C:\Users\eva\Documents\GEDOK
2016-06-28 17:21 - 2016-06-28 17:21 - 00192864 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetLwf.sys
2016-06-28 17:21 - 2016-06-28 17:21 - 00119712 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp6.sys
2016-06-28 03:12 - 2016-06-28 03:12 - 00314434 ____N C:\Users\eva\AppData\Roaming\EYapp.apk
2016-06-25 14:37 - 2015-09-01 15:11 - 00049152 _____ () C:\Windows\SysWOW64\LGErrorHandler.dll
2016-06-25 14:35 - 2016-06-25 14:36 - 15210348 _____ C:\Users\eva\Downloads\ScreenSplit_6.55.zip
2016-06-25 14:28 - 2016-07-10 15:06 - 00002358 _____ C:\Users\Public\Desktop\Screen Split.lnk
2016-06-25 14:28 - 2016-06-25 14:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screen Split
2016-06-25 14:28 - 2016-06-25 14:28 - 00000000 ____D C:\Program Files (x86)\LG Electronics
2016-06-25 14:28 - 2015-09-01 15:12 - 00131072 _____ (LG Soft India) C:\Windows\SysWOW64\LGMonitorDDCCISDK.dll
2016-06-25 14:28 - 2015-09-01 15:11 - 00102400 _____ (LG Soft India) C:\Windows\SysWOW64\LGProtocolEngine.dll
2016-06-25 14:28 - 2015-04-13 15:07 - 00019968 _____ C:\Windows\SysWOW64\LGPII2CDriver.sys
2016-06-25 14:28 - 2015-04-13 15:07 - 00016384 _____ (LG Soft India) C:\Windows\SysWOW64\LGI2CDriver.sys
2016-06-25 14:28 - 2014-09-04 09:16 - 00196608 _____ (LG Soft India) C:\Windows\SysWOW64\LGDeviceManager.dll
2016-06-24 21:26 - 2016-06-24 21:35 - 00002928 _____ C:\Users\eva\Desktop\gedok-web-ssl-undnewsletter-umbau.txt
2016-06-24 20:08 - 2016-06-24 20:08 - 00002215 _____ C:\Users\eva\Desktop\windows-mobile-email-einrichtungs-anleitung-STRATO.txt
2016-06-24 17:17 - 2016-06-24 17:17 - 00023739 _____ C:\Users\eva\Downloads\2016-06-23_RE14669838.pdf
2016-06-24 17:17 - 2016-06-24 17:17 - 00023739 _____ C:\Users\eva\Downloads\2016-06-23_RE14669838 (2).pdf
2016-06-24 17:17 - 2016-06-24 17:17 - 00023739 _____ C:\Users\eva\Downloads\2016-06-23_RE14669838 (1).pdf
2016-06-24 16:49 - 2016-06-24 16:49 - 00002798 _____ C:\Users\eva\Desktop\confirmation.htm
2016-06-23 20:09 - 2016-06-23 20:09 - 00003584 _____ C:\Users\eva\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-06-23 11:09 - 2016-06-23 11:09 - 00000129 _____ C:\Users\eva\Desktop\gedok-katalog-text.txt
2016-06-21 16:15 - 2016-07-10 15:06 - 00001229 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CC 2015.3.lnk
2016-06-21 16:08 - 2016-07-10 15:06 - 00001217 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2015.3.lnk
2016-06-21 15:58 - 2016-06-21 15:58 - 00000000 ____D C:\Users\eva\Desktop\Painting and Classic Frames
2016-06-21 15:54 - 2016-07-10 15:06 - 00001151 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.5.lnk
2016-06-21 01:29 - 2016-06-21 01:29 - 00052301 _____ C:\Users\eva\Desktop\DHLReturnLabel.pdf
2016-06-21 01:27 - 2016-06-21 01:27 - 00048159 _____ C:\Users\eva\Desktop\DHL_Collection_Details_de.pdf
2016-06-21 01:21 - 2016-06-21 01:21 - 00040845 _____ C:\Users\eva\Desktop\basisband-Eva *****-ENR0105493.pdf
2016-06-21 01:20 - 2016-06-21 01:20 - 00037547 _____ C:\Users\eva\Downloads\Eva *******-ENR0105493.pdf
2016-06-18 17:22 - 2016-06-18 17:22 - 06140101 _____ C:\Users\eva\Downloads\dict-en.oxt
2016-06-18 17:19 - 2016-06-18 17:19 - 00023300 _____ C:\Users\eva\Downloads\OutlookContacts.csv
2016-06-18 17:19 - 2016-06-18 17:19 - 00023300 _____ C:\Users\eva\Downloads\OutlookContacts (1).csv
2016-06-18 17:05 - 2016-06-18 17:05 - 00042768 _____ C:\Users\eva\Downloads\google.csv
2016-06-14 20:09 - 2016-05-28 06:57 - 01594416 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-06-14 20:09 - 2016-05-28 06:57 - 01372312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-06-14 20:09 - 2016-05-28 06:29 - 22379008 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-06-14 20:09 - 2016-05-28 06:29 - 00045568 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-06-14 20:09 - 2016-05-28 06:27 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosHostClient.dll
2016-06-14 20:09 - 2016-05-28 06:22 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapsBtSvc.dll
2016-06-14 20:09 - 2016-05-28 06:22 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosStorage.dll
2016-06-14 20:09 - 2016-05-28 06:19 - 24605696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-06-14 20:09 - 2016-05-28 06:18 - 07977472 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2016-06-14 20:09 - 2016-05-28 06:18 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2016-06-14 20:09 - 2016-05-28 06:17 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\MessagingDataModel2.dll
2016-06-14 20:09 - 2016-05-28 06:15 - 01056256 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2016-06-14 20:09 - 2016-05-28 06:15 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2016-06-14 20:09 - 2016-05-28 06:15 - 00349696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2016-06-14 20:09 - 2016-05-28 06:14 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\NMAA.dll
2016-06-14 20:09 - 2016-05-28 06:14 - 00606208 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-06-14 20:09 - 2016-05-28 06:14 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MessagingDataModel2.dll
2016-06-14 20:09 - 2016-05-28 06:13 - 00939520 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2016-06-14 20:09 - 2016-05-28 06:12 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2016-06-14 20:09 - 2016-05-28 06:11 - 00784896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NMAA.dll
2016-06-14 20:09 - 2016-05-28 06:11 - 00711680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll
2016-06-14 20:09 - 2016-05-28 06:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-06-14 20:09 - 2016-05-28 06:08 - 06295552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2016-06-14 20:09 - 2016-05-28 06:06 - 07200256 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2016-06-14 20:09 - 2016-05-28 06:03 - 05205504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2016-06-14 20:09 - 2016-05-28 06:00 - 01707520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActiveSyncProvider.dll
2016-06-14 20:09 - 2016-05-28 05:58 - 01996288 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncProvider.dll
2016-06-14 20:08 - 2016-05-28 08:13 - 01401024 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-06-14 20:08 - 2016-05-28 08:13 - 01184960 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-06-14 20:08 - 2016-05-28 08:13 - 00514752 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-06-14 20:08 - 2016-05-28 08:13 - 00290496 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-06-14 20:08 - 2016-05-28 08:13 - 00092352 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-06-14 20:08 - 2016-05-28 08:13 - 00046784 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-06-14 20:08 - 2016-05-28 07:25 - 04268880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2016-06-14 20:08 - 2016-05-28 07:23 - 00388384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-06-14 20:08 - 2016-05-28 07:23 - 00312160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-06-14 20:08 - 2016-05-28 07:22 - 07474528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-06-14 20:08 - 2016-05-28 07:22 - 04387680 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2016-06-14 20:08 - 2016-05-28 07:22 - 00428896 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2016-06-14 20:08 - 2016-05-28 07:22 - 00211296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2016-06-14 20:08 - 2016-05-28 07:22 - 00118624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2016-06-14 20:08 - 2016-05-28 07:20 - 00430312 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-06-14 20:08 - 2016-05-28 07:18 - 00357216 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-06-14 20:08 - 2016-05-28 07:16 - 00026408 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-06-14 20:08 - 2016-05-28 07:09 - 00501600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2016-06-14 20:08 - 2016-05-28 07:09 - 00170848 _____ (Microsoft Corporation) C:\Windows\system32\NetworkUXBroker.exe
2016-06-14 20:08 - 2016-05-28 07:09 - 00084832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupApi.dll
2016-06-14 20:08 - 2016-05-28 07:08 - 00693600 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2016-06-14 20:08 - 2016-05-28 07:08 - 00258912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ufx01000.sys
2016-06-14 20:08 - 2016-05-28 07:08 - 00115040 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupApi.dll
2016-06-14 20:08 - 2016-05-28 07:07 - 03675512 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-06-14 20:08 - 2016-05-28 07:07 - 02921880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-06-14 20:08 - 2016-05-28 07:07 - 01322248 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-06-14 20:08 - 2016-05-28 07:07 - 00957608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-06-14 20:08 - 2016-05-28 07:07 - 00808288 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2016-06-14 20:08 - 2016-05-28 07:07 - 00703840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2016-06-14 20:08 - 2016-05-28 07:07 - 00331616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2016-06-14 20:08 - 2016-05-28 07:06 - 22561256 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-06-14 20:08 - 2016-05-28 07:06 - 04074160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-06-14 20:08 - 2016-05-28 07:06 - 00730344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2016-06-14 20:08 - 2016-05-28 07:06 - 00303216 _____ (Microsoft Corporation) C:\Windows\system32\LockAppHost.exe
2016-06-14 20:08 - 2016-05-28 07:06 - 00254656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppHost.exe
2016-06-14 20:08 - 2016-05-28 07:05 - 04515264 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-06-14 20:08 - 2016-05-28 07:04 - 00604928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-06-14 20:08 - 2016-05-28 07:04 - 00431296 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-06-14 20:08 - 2016-05-28 07:04 - 00360480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-06-14 20:08 - 2016-05-28 07:04 - 00161632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-06-14 20:08 - 2016-05-28 07:04 - 00111064 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2016-06-14 20:08 - 2016-05-28 07:04 - 00097096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2016-06-14 20:08 - 2016-05-28 07:03 - 00131248 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-06-14 20:08 - 2016-05-28 06:58 - 01996640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-06-14 20:08 - 2016-05-28 06:58 - 00379232 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-06-14 20:08 - 2016-05-28 06:57 - 02548944 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-06-14 20:08 - 2016-05-28 06:57 - 02195632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-06-14 20:08 - 2016-05-28 06:57 - 00649792 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2016-06-14 20:08 - 2016-05-28 06:57 - 00636304 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2016-06-14 20:08 - 2016-05-28 06:57 - 00577376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2016-06-14 20:08 - 2016-05-28 06:57 - 00546456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2016-06-14 20:08 - 2016-05-28 06:57 - 00521664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2016-06-14 20:08 - 2016-05-28 06:57 - 00316256 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-06-14 20:08 - 2016-05-28 06:35 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\tdlrecover.exe
2016-06-14 20:08 - 2016-05-28 06:35 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\MapsCSP.dll
2016-06-14 20:08 - 2016-05-28 06:35 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsdport.sys
2016-06-14 20:08 - 2016-05-28 06:31 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdlrecover.exe
2016-06-14 20:08 - 2016-05-28 06:31 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-06-14 20:08 - 2016-05-28 06:31 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\MosHostClient.dll
2016-06-14 20:08 - 2016-05-28 06:29 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\VSD3DWARP12Debug.dll
2016-06-14 20:08 - 2016-05-28 06:29 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2016-06-14 20:08 - 2016-05-28 06:29 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\httpprxp.dll
2016-06-14 20:08 - 2016-05-28 06:28 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2016-06-14 20:08 - 2016-05-28 06:28 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-06-14 20:08 - 2016-05-28 06:28 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-06-14 20:08 - 2016-05-28 06:27 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\mapsupdatetask.dll
2016-06-14 20:08 - 2016-05-28 06:26 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2016-06-14 20:08 - 2016-05-28 06:26 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\dmcertinst.exe
2016-06-14 20:08 - 2016-05-28 06:26 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe
2016-06-14 20:08 - 2016-05-28 06:26 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\MapsBtSvc.dll
2016-06-14 20:08 - 2016-05-28 06:26 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\MosStorage.dll
2016-06-14 20:08 - 2016-05-28 06:25 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\VSD3DWARPDebug.dll
2016-06-14 20:08 - 2016-05-28 06:25 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VSD3DWARP12Debug.dll
2016-06-14 20:08 - 2016-05-28 06:25 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.dll
2016-06-14 20:08 - 2016-05-28 06:25 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-06-14 20:08 - 2016-05-28 06:24 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-06-14 20:08 - 2016-05-28 06:24 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Ndu.sys
2016-06-14 20:08 - 2016-05-28 06:24 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-06-14 20:08 - 2016-05-28 06:24 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2016-06-14 20:08 - 2016-05-28 06:24 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\AppCapture.dll
2016-06-14 20:08 - 2016-05-28 06:24 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\moshost.dll
2016-06-14 20:08 - 2016-05-28 06:24 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2016-06-14 20:08 - 2016-05-28 06:24 - 00053760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-06-14 20:08 - 2016-05-28 06:23 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2016-06-14 20:08 - 2016-05-28 06:23 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2016-06-14 20:08 - 2016-05-28 06:22 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2016-06-14 20:08 - 2016-05-28 06:22 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2016-06-14 20:08 - 2016-05-28 06:22 - 00278528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-06-14 20:08 - 2016-05-28 06:22 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\moshostcore.dll
2016-06-14 20:08 - 2016-05-28 06:22 - 00163328 _____ (Microsoft Corporation) C:\Windows\system32\tetheringservice.dll
2016-06-14 20:08 - 2016-05-28 06:22 - 00161280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe
2016-06-14 20:08 - 2016-05-28 06:22 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-06-14 20:08 - 2016-05-28 06:21 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2016-06-14 20:08 - 2016-05-28 06:21 - 00239104 _____ (Microsoft Corporation) C:\Windows\system32\BrokerLib.dll
2016-06-14 20:08 - 2016-05-28 06:21 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2016-06-14 20:08 - 2016-05-28 06:21 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2016-06-14 20:08 - 2016-05-28 06:21 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VSD3DWARPDebug.dll
2016-06-14 20:08 - 2016-05-28 06:21 - 00042496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.dll
2016-06-14 20:08 - 2016-05-28 06:20 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2016-06-14 20:08 - 2016-05-28 06:20 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\newdev.dll
2016-06-14 20:08 - 2016-05-28 06:20 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-06-14 20:08 - 2016-05-28 06:20 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2016-06-14 20:08 - 2016-05-28 06:20 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\GnssAdapter.dll
2016-06-14 20:08 - 2016-05-28 06:20 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Privacy.dll
2016-06-14 20:08 - 2016-05-28 06:20 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2016-06-14 20:08 - 2016-05-28 06:19 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2016-06-14 20:08 - 2016-05-28 06:19 - 00567808 _____ (Microsoft Corporation) C:\Windows\system32\MBMediaManager.dll
2016-06-14 20:08 - 2016-05-28 06:19 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvr.exe
2016-06-14 20:08 - 2016-05-28 06:19 - 00355840 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2016-06-14 20:08 - 2016-05-28 06:19 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2016-06-14 20:08 - 2016-05-28 06:18 - 11545088 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-06-14 20:08 - 2016-05-28 06:18 - 00678912 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2016-06-14 20:08 - 2016-05-28 06:18 - 00610816 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2016-06-14 20:08 - 2016-05-28 06:18 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2016-06-14 20:08 - 2016-05-28 06:18 - 00392192 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-06-14 20:08 - 2016-05-28 06:18 - 00380416 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2016-06-14 20:08 - 2016-05-28 06:18 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\VEEventDispatcher.dll
2016-06-14 20:08 - 2016-05-28 06:17 - 09918976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-06-14 20:08 - 2016-05-28 06:17 - 00963072 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2016-06-14 20:08 - 2016-05-28 06:17 - 00485888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\newdev.dll
2016-06-14 20:08 - 2016-05-28 06:17 - 00415232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StoreAgent.dll
2016-06-14 20:08 - 2016-05-28 06:17 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll
2016-06-14 20:08 - 2016-05-28 06:17 - 00278016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2016-06-14 20:08 - 2016-05-28 06:17 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\mdmmigrator.dll
2016-06-14 20:08 - 2016-05-28 06:16 - 19344384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-06-14 20:08 - 2016-05-28 06:16 - 00690176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-06-14 20:08 - 2016-05-28 06:16 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-06-14 20:08 - 2016-05-28 06:16 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\AppContracts.dll
2016-06-14 20:08 - 2016-05-28 06:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\tileobjserver.dll
2016-06-14 20:08 - 2016-05-28 06:16 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-06-14 20:08 - 2016-05-28 06:16 - 00291328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-06-14 20:08 - 2016-05-28 06:16 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2016-06-14 20:08 - 2016-05-28 06:15 - 00794624 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-06-14 20:08 - 2016-05-28 06:15 - 00579072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2016-06-14 20:08 - 2016-05-28 06:15 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2016-06-14 20:08 - 2016-05-28 06:15 - 00293888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2016-06-14 20:08 - 2016-05-28 06:15 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-06-14 20:08 - 2016-05-28 06:14 - 18674176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-06-14 20:08 - 2016-05-28 06:14 - 03292672 _____ (Microsoft Corporation) C:\Windows\system32\d3d12warp.dll
2016-06-14 20:08 - 2016-05-28 06:14 - 01716736 _____ (Microsoft Corporation) C:\Windows\system32\SRHInproc.dll
2016-06-14 20:08 - 2016-05-28 06:14 - 00965632 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2016-06-14 20:08 - 2016-05-28 06:14 - 00784384 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-06-14 20:08 - 2016-05-28 06:14 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VEEventDispatcher.dll
2016-06-14 20:08 - 2016-05-28 06:14 - 00200192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2016-06-14 20:08 - 2016-05-28 06:13 - 01387520 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2016-06-14 20:08 - 2016-05-28 06:13 - 00990208 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2016-06-14 20:08 - 2016-05-28 06:13 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2016-06-14 20:08 - 2016-05-28 06:13 - 00587776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2016-06-14 20:08 - 2016-05-28 06:13 - 00467456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppContracts.dll
2016-06-14 20:08 - 2016-05-28 06:12 - 00614400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-06-14 20:08 - 2016-05-28 06:12 - 00521728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-06-14 20:08 - 2016-05-28 06:11 - 02470912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d12warp.dll
2016-06-14 20:08 - 2016-05-28 06:11 - 01445888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRHInproc.dll
2016-06-14 20:08 - 2016-05-28 06:11 - 00890368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2016-06-14 20:08 - 2016-05-28 06:11 - 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2016-06-14 20:08 - 2016-05-28 06:11 - 00687616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-06-14 20:08 - 2016-05-28 06:11 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2016-06-14 20:08 - 2016-05-28 06:09 - 01073152 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2016-06-14 20:08 - 2016-05-28 06:08 - 13385728 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-06-14 20:08 - 2016-05-28 06:06 - 12128256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-06-14 20:08 - 2016-05-28 06:06 - 01339904 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-06-14 20:08 - 2016-05-28 06:05 - 03994624 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2016-06-14 20:08 - 2016-05-28 06:05 - 03664896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-06-14 20:08 - 2016-05-28 06:05 - 02582016 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2016-06-14 20:08 - 2016-05-28 06:05 - 01797120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2016-06-14 20:08 - 2016-05-28 06:04 - 06973952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-06-14 20:08 - 2016-05-28 06:04 - 00555520 _____ (Microsoft Corporation) C:\Windows\system32\SyncController.dll
2016-06-14 20:08 - 2016-05-28 06:04 - 00450560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncController.dll
2016-06-14 20:08 - 2016-05-28 06:03 - 05323776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-06-14 20:08 - 2016-05-28 06:03 - 02609664 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2016-06-14 20:08 - 2016-05-28 06:03 - 01185280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationFramework.dll
2016-06-14 20:08 - 2016-05-28 06:03 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\internetmail.dll
2016-06-14 20:08 - 2016-05-28 06:03 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
2016-06-14 20:08 - 2016-05-28 06:02 - 03590144 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-06-14 20:08 - 2016-05-28 06:02 - 02061824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2016-06-14 20:08 - 2016-05-28 06:02 - 01534464 _____ (Microsoft Corporation) C:\Windows\system32\LocationFramework.dll
2016-06-14 20:08 - 2016-05-28 06:02 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2016-06-14 20:08 - 2016-05-28 06:01 - 01799680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2016-06-14 20:08 - 2016-05-28 06:01 - 01582080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2016-06-14 20:08 - 2016-05-28 06:01 - 01500160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-06-14 20:08 - 2016-05-28 06:01 - 00111104 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2016-06-14 20:08 - 2016-05-28 06:00 - 05660160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-06-14 20:08 - 2016-05-28 06:00 - 03585536 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-06-14 20:08 - 2016-05-28 06:00 - 02635776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2016-06-14 20:08 - 2016-05-28 06:00 - 02230272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-06-14 20:08 - 2016-05-28 06:00 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2016-06-14 20:08 - 2016-05-28 06:00 - 01730560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-06-14 20:08 - 2016-05-28 06:00 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll
2016-06-14 20:08 - 2016-05-28 06:00 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2016-06-14 20:08 - 2016-05-28 06:00 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2016-06-14 20:08 - 2016-05-28 05:59 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2016-06-14 20:08 - 2016-05-28 05:58 - 07832576 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-06-14 20:08 - 2016-05-28 05:58 - 04896256 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-06-14 20:08 - 2016-05-28 05:58 - 02755584 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-06-14 20:08 - 2016-05-28 05:58 - 02066432 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2016-06-14 20:08 - 2016-05-28 05:57 - 02281472 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-06-14 20:08 - 2016-05-28 05:55 - 01390080 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Shell.dll
2016-06-14 20:08 - 2016-05-28 05:53 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\ngcpopkeysrv.dll
2016-06-14 19:50 - 2016-07-10 15:06 - 00001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2016-06-14 19:50 - 2016-07-10 15:06 - 00001214 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-07-12 00:22 - 2016-02-28 12:24 - 00004562 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-07-12 00:18 - 2016-03-05 16:08 - 00004166 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{42188E08-F75C-4F15-BB9B-3934F8C818AA}
2016-07-12 00:18 - 2016-02-27 23:58 - 00000000 ____D C:\Users\eva\AppData\Local\Adobe
2016-07-12 00:14 - 2016-02-27 23:22 - 01909068 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-12 00:14 - 2015-10-30 20:35 - 00817138 _____ C:\Windows\system32\perfh007.dat
2016-07-12 00:14 - 2015-10-30 20:35 - 00172644 _____ C:\Windows\system32\perfc007.dat
2016-07-12 00:14 - 2015-10-30 09:21 - 00000000 ____D C:\Windows\INF
2016-07-12 00:10 - 2016-06-07 20:07 - 00000000 ___RD C:\Users\eva\iCloudDrive
2016-07-12 00:10 - 2016-02-28 00:03 - 00000000 ___RD C:\Users\eva\Creative Cloud Files
2016-07-12 00:10 - 2016-02-28 00:03 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-07-12 00:10 - 2016-02-27 23:28 - 00001140 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-12 00:10 - 2016-02-27 23:22 - 00000000 ___RD C:\Users\eva\OneDrive
2016-07-12 00:08 - 2016-05-24 19:19 - 00000000 ____D C:\ProgramData\NVIDIA
2016-07-12 00:08 - 2016-02-27 23:14 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-12 00:08 - 2015-10-30 08:28 - 00786432 ___SH C:\Windows\system32\config\BBI
2016-07-12 00:07 - 2016-02-27 23:28 - 00002281 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-07-12 00:07 - 2016-02-27 23:28 - 00002269 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-07-12 00:07 - 2016-02-27 23:16 - 00000000 ____D C:\Users\eva
2016-07-12 00:07 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\AppReadiness
2016-07-12 00:02 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-10 22:38 - 2016-02-27 23:28 - 00001144 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-10 21:25 - 2016-05-24 19:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-07-10 21:25 - 2016-05-24 19:19 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-07-10 21:18 - 2016-05-24 19:33 - 00001456 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-07-10 15:22 - 2016-03-03 18:40 - 00000000 ____D C:\Users\eva\AppData\Local\CrashDumps
2016-07-10 15:06 - 2016-06-09 15:07 - 00001056 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2015.lnk
2016-07-10 15:06 - 2016-06-09 15:02 - 00001063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015.lnk
2016-07-10 15:06 - 2016-06-07 19:49 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-07-10 15:06 - 2016-05-29 21:56 - 00000735 _____ C:\Users\Public\Desktop\Astroplus Dokumentation.lnk
2016-07-10 15:06 - 2016-05-25 02:04 - 00000746 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sublime Text 3.lnk
2016-07-10 15:06 - 2016-05-25 01:10 - 00000941 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2016-07-10 15:06 - 2016-05-25 01:10 - 00000941 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2016-07-10 15:06 - 2016-05-24 19:34 - 00001291 _____ C:\Users\Public\Desktop\XSplit Gamecaster.lnk
2016-07-10 15:06 - 2016-05-24 19:33 - 00001140 _____ C:\Users\Public\Desktop\ASUS GPU TweakII.lnk
2016-07-10 15:06 - 2016-04-17 12:43 - 00000935 _____ C:\Users\Public\Desktop\ElsterFormular.lnk
2016-07-10 15:06 - 2016-04-06 13:32 - 00001079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom.lnk
2016-07-10 15:06 - 2016-03-27 18:06 - 00000802 _____ C:\Users\Public\Desktop\IrfanView Thumbnails.lnk
2016-07-10 15:06 - 2016-03-27 18:06 - 00000718 _____ C:\Users\Public\Desktop\IrfanView.lnk
2016-07-10 15:06 - 2016-03-19 19:40 - 00000780 _____ C:\Users\Public\Desktop\PuTTY.lnk
2016-07-10 15:06 - 2016-03-19 15:26 - 00000878 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk
2016-07-10 15:06 - 2016-03-19 15:26 - 00000794 _____ C:\Users\Public\Desktop\WinSCP.lnk
2016-07-10 15:06 - 2016-03-04 00:59 - 00000823 _____ C:\Users\Public\Desktop\OpenOffice 4.1.2.lnk
2016-07-10 15:06 - 2016-03-03 00:54 - 00000961 _____ C:\Users\Public\Desktop\FileZilla Client.lnk
2016-07-10 15:06 - 2016-02-29 01:22 - 00002697 _____ C:\Users\Public\Desktop\VR-NetWorld.lnk
2016-07-10 15:06 - 2016-02-28 15:45 - 00000847 _____ C:\Users\Public\Desktop\Git Bash.lnk
2016-07-10 15:06 - 2016-02-28 14:05 - 00000799 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2016-07-10 15:06 - 2016-02-28 12:24 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2016-07-10 15:06 - 2016-02-28 12:24 - 00002120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2016-07-10 15:06 - 2016-02-28 12:24 - 00002091 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2016-07-10 15:06 - 2016-02-28 00:53 - 00001123 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign CC 2015.lnk
2016-07-10 15:05 - 2016-06-09 19:01 - 00002080 _____ C:\Users\eva\Desktop\Windows Software Development Kit.lnk
2016-07-10 15:05 - 2016-05-25 12:48 - 00002057 _____ C:\Users\eva\Desktop\Willkommen zur ASUS Produktregistrierung.lnk
2016-07-10 15:05 - 2016-05-13 19:36 - 00001205 _____ C:\Users\eva\Desktop\sublime text 3.lnk
2016-07-10 15:05 - 2016-05-07 17:04 - 00001475 _____ C:\Users\eva\Desktop\PhpStorm EAP.lnk
2016-07-10 15:05 - 2016-04-06 13:32 - 00001067 _____ C:\Users\eva\Desktop\Adobe Lightroom.lnk
2016-07-10 15:05 - 2016-04-04 12:31 - 00001188 _____ C:\Users\eva\Desktop\AllDupPortable.lnk
2016-07-10 15:05 - 2016-03-17 22:09 - 00001421 _____ C:\Users\eva\Desktop\PhpStorm 2016.1.lnk
2016-07-10 15:05 - 2016-03-05 00:21 - 00001357 _____ C:\Users\eva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\toast.lnk
2016-07-10 15:05 - 2016-03-02 14:39 - 00001346 _____ C:\Users\eva\Desktop\homestead        vagrant up.lnk
2016-07-10 15:05 - 2016-02-29 01:17 - 00001111 _____ C:\Users\eva\Desktop\Steuer_FA_Bank.lnk
2016-07-10 15:05 - 2016-02-29 01:15 - 00001240 _____ C:\Users\eva\Desktop\locate32.lnk
2016-07-10 15:05 - 2016-02-28 12:10 - 00000789 _____ C:\Users\eva\Desktop\astrolog.lnk
2016-07-10 15:05 - 2016-02-27 23:22 - 00002383 _____ C:\Users\eva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-07-10 14:57 - 2016-03-03 15:54 - 00000000 ____D C:\Users\eva\AppData\Local\Apps\2.0
2016-07-10 14:57 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\System
2016-07-10 14:34 - 2016-03-03 00:54 - 00000000 ____D C:\Users\eva\AppData\Roaming\FileZilla
2016-07-09 21:22 - 2016-04-15 18:30 - 00000000 ____D C:\Users\eva\AppData\Roaming\vlc
2016-07-09 21:20 - 2016-02-27 23:20 - 00000000 ____D C:\Users\eva\AppData\Local\Packages
2016-07-09 16:41 - 2016-02-28 19:32 - 00007224 _____ C:\Users\eva\.bash_history
2016-07-09 16:40 - 2016-02-28 19:27 - 00000000 ____D C:\Users\eva\.vagrant.d
2016-07-09 10:59 - 2016-02-28 14:05 - 00000000 ____D C:\Users\eva\.VirtualBox
2016-07-08 20:14 - 2016-03-04 23:31 - 00000000 ____D C:\Users\eva\AppData\Local\Composer
2016-07-08 14:46 - 2016-02-28 15:17 - 00000000 ____D C:\Users\eva\AppData\Roaming\Composer
2016-07-07 13:55 - 2016-05-19 19:51 - 00000000 ____D C:\Users\eva\Documents\KunstKateVolksdorf
2016-07-07 11:46 - 2016-02-28 14:45 - 00000000 ____D C:\php
2016-07-07 02:39 - 2016-02-28 14:27 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-07-05 09:16 - 2016-02-29 01:06 - 00000000 ____D C:\Users\Public\Documents\VR-NetWorld
2016-07-01 05:13 - 2015-11-10 03:15 - 13617096 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-06-30 00:39 - 2016-05-24 19:26 - 03814512 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-06-30 00:39 - 2015-11-10 03:17 - 20393528 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-06-30 00:39 - 2015-11-10 03:14 - 00214592 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2016-06-30 00:39 - 2015-11-10 03:13 - 17445096 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-06-30 00:39 - 2015-11-10 03:13 - 14472848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-06-30 00:39 - 2015-11-10 03:09 - 03374720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-06-30 00:39 - 2015-11-10 01:12 - 00040084 _____ C:\Windows\system32\nvinfo.pb
2016-06-29 19:50 - 2016-05-24 20:51 - 00534072 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-06-29 19:50 - 2016-05-24 20:51 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-06-29 19:50 - 2016-05-24 19:19 - 06363072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-06-29 19:50 - 2016-05-24 19:19 - 02455608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-06-29 19:50 - 2016-05-24 19:19 - 01764408 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-06-29 19:50 - 2016-05-24 19:19 - 01352760 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-06-29 19:50 - 2016-05-24 19:19 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-06-29 19:50 - 2016-05-24 19:19 - 00071224 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-06-29 13:49 - 2016-03-03 00:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2016-06-28 17:21 - 2016-02-28 14:05 - 00917032 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2016-06-28 17:21 - 2016-02-28 14:05 - 00143568 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2016-06-25 17:58 - 2016-06-07 22:32 - 00000000 ____D C:\Users\eva\Documents\adressen
2016-06-25 14:28 - 2016-02-29 01:22 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-06-23 18:29 - 2016-02-28 00:11 - 00000000 ____D C:\Users\eva\Documents\Adobe
2016-06-23 18:29 - 2016-02-27 23:20 - 00000000 ____D C:\Users\eva\AppData\Roaming\Adobe
2016-06-23 15:16 - 2016-02-27 23:20 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-06-23 10:06 - 2016-03-31 16:50 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2016-06-22 22:58 - 2016-04-21 21:39 - 00000000 ____D C:\Program Files (x86)\TomTom
2016-06-22 22:57 - 2016-04-21 21:42 - 54989144 _____ C:\Users\eva\Downloads\TomTomMySportsConnectInstaller.exe
2016-06-22 17:16 - 2016-05-24 19:19 - 07208075 _____ C:\Windows\system32\nvcoproc.bin
2016-06-21 16:17 - 2016-02-28 00:09 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-06-21 16:17 - 2016-02-28 00:09 - 00000000 ____D C:\Program Files\Adobe
2016-06-17 23:48 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\rescache
2016-06-17 23:24 - 2016-03-26 15:49 - 00000000 ____D C:\Users\eva\Downloads\bootstrap-3.3.6-dist
2016-06-17 17:22 - 2015-10-30 09:11 - 00000000 ____D C:\Windows\CbsTemp
2016-06-15 00:31 - 2016-02-27 23:11 - 04890512 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-15 00:26 - 2015-10-30 09:24 - 00000000 ___SD C:\Windows\system32\DiagSvcs
2016-06-15 00:26 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2016-06-15 00:26 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\bcastdvr
2016-06-14 22:01 - 2016-05-24 20:46 - 00112216 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-06-14 22:01 - 2016-05-24 19:33 - 01767944 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-06-14 22:01 - 2016-05-24 19:33 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-06-14 22:01 - 2016-05-24 19:32 - 01377800 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-06-14 22:01 - 2016-05-24 19:32 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-06-14 21:40 - 2016-02-28 14:25 - 00000000 ____D C:\Windows\system32\MRT
2016-06-14 21:36 - 2016-02-28 14:25 - 142482544 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-06-14 20:33 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-14 20:33 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-14 19:50 - 2016-02-28 00:01 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-06-14 19:43 - 2016-03-03 15:54 - 00000000 ____D C:\Users\eva\AppData\Local\Deployment
2016-06-13 00:42 - 2016-03-08 16:37 - 00000000 ____D C:\Program Files (x86)\VR-NetWorld

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2010-08-28 22:43 - 2010-08-28 22:43 - 0096256 ____N (Google, inc) C:\Users\eva\AppData\Roaming\AdbWinApi.dll
2010-08-28 22:43 - 2010-08-28 22:43 - 0060928 ____N (Google, inc) C:\Users\eva\AppData\Roaming\AdbWinUsbApi.dll
2016-06-28 03:12 - 2016-06-28 03:12 - 0314434 ____N () C:\Users\eva\AppData\Roaming\EYapp.apk
2016-03-19 15:33 - 2016-03-19 20:23 - 0000600 _____ () C:\Users\eva\AppData\Roaming\winscp.rnd
2016-06-23 20:09 - 2016-06-23 20:09 - 0003584 _____ () C:\Users\eva\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-03-19 14:25 - 2016-04-22 23:48 - 0000600 _____ () C:\Users\eva\AppData\Local\PUTTY.RND
2016-03-20 21:05 - 2016-03-20 21:05 - 0000057 _____ () C:\ProgramData\Ament.ini

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-07-03 17:09

==================== Ende von FRST.txt ============================
         
--- --- ---

Alt 11.07.2016, 23:55   #8
quincycato
 
MPC Cleaner läßt sich nicht deinstallieren + Browser Umleitungen - windows 10 - Standard

MPC Cleaner läßt sich nicht deinstallieren + Browser Umleitungen - windows 10



und noch der Addition.txt
FRST Additions Logfile:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 10-07-2016 01
durchgeführt von eva (2016-07-12 00:31:55)
Gestartet von C:\Users\eva\Desktop
Windows 10 Pro Version 1511 (X64) (2016-02-27 21:15:50)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1764389191-2749221916-298074052-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1764389191-2749221916-298074052-503 - Limited - Disabled)
eva (S-1-5-21-1764389191-2749221916-298074052-1001 - Administrator - Enabled) => C:\Users\eva
Gast (S-1-5-21-1764389191-2749221916-298074052-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.7.0.272 - Adobe Systems Incorporated)
Adobe InDesign CC 2015 (HKLM-x32\...\{DBFD0312-6E55-1014-8952-E78D43BC0147}) (Version: 11.4.0.090 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.6 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2015.3 (HKLM-x32\...\AME_10_3_0) (Version: 10.3.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015.5 (HKLM-x32\...\PHSP_17_0) (Version: 17.0.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015.3 (HKLM-x32\...\PPRO_10_3_0) (Version: 10.3.0 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{981F324E-98F4-4784-B76F-04E92039F3F6}) (Version: 5.2.60328.3 - Microsoft Corporation)
Astrocontact Astroplus (HKLM-x32\...\Astrocontact Astroplus Demo_is1) (Version:  - Astrocontact Software)
ASUS GPU TweakII (HKLM-x32\...\InstallShield_{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.0.8.1 - ASUSTek COMPUTER INC.)
ASUS GPU TweakII (x32 Version: 1.0.8.1 - ASUSTek COMPUTER INC.) Hidden
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.026 - ASUSTek Computer Inc.)
Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.51210.80 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build Tools for Windows 10 - ENU (x32 Version: 14.0.25219 - Microsoft Corporation) Hidden
Build Tools for Windows 10 (x32 Version: 14.0.25219 - Microsoft Corporation) Hidden
CodedUITestUAP (x32 Version: 14.0.25219 - Microsoft Corporation) Hidden
Composer - Php Dependency Manager (HKLM-x32\...\{7315AF68-E777-496A-A6A2-4763A98ED35A}_is1) (Version:  - getcomposer.org)
Devenv-Ressourcen für Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Dotfuscator and Analytics Community Edition 5.19.1 (x32 Version: 5.19.1.3091 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack 5.19.1 de-DE (x32 Version: 5.19.1.3091 - PreEmptive Solutions) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 17.3.19290 - Landesfinanzdirektion Thüringen)
FileZilla Client 3.19.0 (HKLM-x32\...\FileZilla Client) (Version: 3.19.0 - Tim Kosse)
FRITZ!Box USB-Fernanschluss (HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\2db37667170956ee) (Version: 2.3.3.2 - AVM Berlin)
Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2015 Sprachpaket (DEU) - v1.7 (x32 Version: 1.7.40113.5 - Microsoft Corporation) Hidden
Git version 2.7.2 (HKLM\...\Git_is1) (Version: 2.7.2 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
HP Deskjet 3520 series - Grundlegende Software für das Gerät (HKLM\...\{15B2F0E3-3FAC-4495-B0FD-398EECFA4100}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3520 series Hilfe (HKLM-x32\...\{6B953497-169C-4929-9AA9-A9F510347468}) (Version: 27.0.0 - Hewlett Packard)
HP Deskjet 3520 series Setup Guide (HKLM-x32\...\{AEEDCEB7-00B8-4BE1-B492-AB04803D5F1E}) (Version: 27.0.0 - Hewlett Packard)
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version:  - )
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
hppP1100P1560P1600SeriesLaserJetService (x32 Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppusgP1100P1560P1600Series (x32 Version: 1.0.0.1 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
iCloud (HKLM\...\{ADFDB647-35C0-4254-9EE6-2D9C3B7104BD}) (Version: 5.2.1.69 - Apple Inc.)
IDE Tools for Windows 10 - ENU (x32 Version: 14.0.25219 - Microsoft Corporation) Hidden
IDE Tools for Windows 10 (x32 Version: 14.0.25219 - Microsoft Corporation) Hidden
Intellisense Lang Pack Mobile Extension SDK 10.0.10586.0 (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.42 - Irfan Skiljan)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
JetBrains PhpStorm 10.0.3 (HKLM-x32\...\PhpStorm 10.0.3) (Version: 143.1770 - JetBrains s.r.o.)
JetBrains PhpStorm 145.184.39 (HKLM-x32\...\PhpStorm 145.184.39) (Version: 145.184.39 - JetBrains s.r.o.)
JetBrains PhpStorm 2016.1 (HKLM-x32\...\PhpStorm 2016.1) (Version: 145.258.2 - JetBrains s.r.o.)
JetBrains PhpStorm 2016.1.1 (HKLM-x32\...\PhpStorm 2016.1.1) (Version: 145.969.15 - JetBrains s.r.o.)
Kits Configuration Installer (x32 Version: 10.1.10586.212 - Microsoft) Hidden
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25123 - Microsoft Corporation)
Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.25123 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects  (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Transact-SQL ScriptDom  (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 T-SQL Language Service  (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 mit Update 2 (HKLM-x32\...\{f2892dc5-7ac2-4ae4-a296-b5b159f61255}) (Version: 14.0.25123.0 - Microsoft Corporation)
Mit C# erstellte geräteübergreifende Hybrid-Apps - Vorlagen - DEU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.1.0 - Mozilla)
Mozilla Thunderbird 45.1.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.1.0 (x86 de)) (Version: 45.1.0 - Mozilla)
Mozilla Thunderbird 45.2.0 (x86 de) (HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\Mozilla Thunderbird 45.2.0 (x86 de)) (Version: 45.2.0 - Mozilla)
MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.25123 - Microsoft Corporation) Hidden
Node.js (HKLM\...\{7EB9C851-997C-4B84-BE81-D064FA62B0D4}) (Version: 5.10.1 - Node.js Foundation)
NVIDIA 3D Vision Controller-Treiber 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 368.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.69 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA Grafiktreiber 368.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.69 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
OpenOffice 4.1.2 (HKLM-x32\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation)
OpenOffice 4.1.2 Language Pack (German) (HKLM-x32\...\{E0E6DB8D-D2B1-4A0B-A09C-44DBC09BF499}) (Version: 4.12.9782 - Apache Software Foundation)
Oracle VM VirtualBox 5.0.24 (HKLM\...\{BA15D402-19CA-493E-958B-170A0C446F25}) (Version: 5.0.24 - Oracle Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM-x32\...\{3F514FDC-F0F2-3B99-86D6-F7B3A2679B39}) (Version: 4.5.51209 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6 (Deutsch) (HKLM-x32\...\{FACF2669-E25A-428A-9167-5EEDE741F3B9}) (Version: 4.6.00127 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation)
PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Project and Item Templates for Visual Studio Express 2015 for Windows 10 - ENU (x32 Version: 14.0.25219 - Microsoft Corporation) Hidden
Project and Item Templates for Visual Studio Professionald 2015 - ENU (x32 Version: 14.0.25219 - Microsoft Corporation) Hidden
PuTTY release 0.67 (HKLM-x32\...\PuTTY_is1) (Version: 0.67 - Simon Tatham)
Python 3.5.1 (32-bit) (HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\{c39d559b-aa83-4476-ba20-988a35a1199a}) (Version: 3.5.1150.0 - Python Software Foundation)
Python 3.5.1 Add to Path (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Core Interpreter (32-bit debug) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Core Interpreter (32-bit symbols) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Core Interpreter (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Development Libraries (32-bit debug) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Development Libraries (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Documentation (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Executables (32-bit debug) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Executables (32-bit symbols) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Executables (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Launcher (32-bit) (HKLM-x32\...\{17778F7B-FB5A-4A93-9719-D75BAF673498}) (Version: 3.5.150.0 - Python Software Foundation)
Python 3.5.1 pip Bootstrap (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Standard Library (32-bit debug) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Standard Library (32-bit symbols) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Standard Library (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Tcl/Tk Support (32-bit debug) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Tcl/Tk Support (32-bit symbols) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Tcl/Tk Support (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Test Suite (32-bit debug) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Test Suite (32-bit symbols) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Test Suite (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Utility Scripts (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Roslyn Language Services - x86 (x32 Version: 14.0.25123 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (x32 Version: 14.0.25132 - Microsoft Corporation) Hidden
Screen Split (HKLM-x32\...\{7F0C2357-33B0-4408-A9AD-A7623FAA22B1}) (Version: 6.57 - LG Electronics Inc.)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Sublime Text Build 3114 (HKLM\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
Team Explorer for Microsoft Visual Studio 2015 Update 2 (x32 Version: 14.95.25118 - Microsoft) Hidden
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
TypeScript Power Tool (x32 Version: 1.8.9.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.8.31.0 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Redistributable (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Vagrant (HKLM-x32\...\{46269A3F-7DFD-4920-AC45-B598BEA166AA}) (Version: 1.8.4 - HashiCorp)
Visual Studio 2015 Update 2 (KB3022398) (HKLM-x32\...\{78c1b501-a6eb-4f29-88c5-84189564827e}) (Version: 14.0.25123 - Microsoft Corporation)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VR-NetWorld (HKLM-x32\...\{8815F011-43AF-4F50-BBD8-D78ED3D6F5B9}) (Version:  - )
VR-NetWorld Software (HKLM-x32\...\{084798D2-33EF-42CC-A925-970AF222898B}) (Version: 6.00.17 - Volksbanken Raiffeisenbanken)
VS Update core components (x32 Version: 14.0.25123 - Microsoft Corporation) Hidden
vs_update2notification (x32 Version: 14.0.25132 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
WCF Data Services 5.6.4 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
Windows 7 Games for Windows 8 and 10 (HKLM-x32\...\MicrosoftGamesForWin8) (Version: 1.1.0.10 - )
Windows SDK AddOn (HKLM-x32\...\{75C39BA6-1D02-4BEA-844F-0EA6C4B7FA1B}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.10586.212 (HKLM-x32\...\{43d9f43d-c90b-4fdf-9dfe-ecf9990bfa2a}) (Version: 10.1.10586.212 - Microsoft Corporation)
WinRT Intellisense Desktop - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense Xbox Live Extension SDK - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense Xbox Live Extension SDK - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinSCP 5.7.7 (HKLM-x32\...\winscp3_is1) (Version: 5.7.7 - Martin Prikryl)
XSplit Gamecaster (HKLM-x32\...\{8915913F-E4AF-46C5-B4EF-3535D83BFFDE}) (Version: 2.5.1507.3018 - SplitmediaLabs)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1764389191-2749221916-298074052-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\eva\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1764389191-2749221916-298074052-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {2592BE6C-EB83-4210-955F-9EF63AF3AE48} - System32\Tasks\AdobeAAMUpdater-1.0-EVASCOMPUTER-eva => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-05-05] (Adobe Systems Incorporated)
Task: {2C3F4CEB-C0DF-4C22-B512-5BBC28EEF5E5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-27] (Google Inc.)
Task: {3AC0ED25-46DC-4FAC-9DA9-4176A4C9C6BF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-06-14] (Microsoft Corporation)
Task: {7AD13281-AD72-41DF-8929-E21AF802BB5D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-27] (Google Inc.)
Task: {8CD26B33-7E15-4589-916D-13D6DC08231B} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-03-25] (ASUSTek Computer Inc.)
Task: {A0871AE6-A033-4957-87C3-2C5B88791DAC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {AC5538EE-4D21-46A2-927D-4E927DF78F8F} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-eva@****** => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-05-05] (Adobe Systems Incorporated)
Task: {CC3DCC71-59F2-4726-B80F-3C96848A0DBF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {F4C32A4B-B0A7-407C-BF14-4096F856B31C} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => F:\programmie\VisualStudio\Common7\IDE\VSIXAutoUpdate.exe [2016-05-15] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:17 - 2015-10-30 09:17 - 00028672 _____ () C:\Windows\SYSTEM32\efsext.dll
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\Windows\SYSTEM32\ism32k.dll
2016-05-24 19:19 - 2016-06-29 19:50 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-03-24 21:07 - 2012-08-31 16:03 - 00288768 ____N () C:\Windows\System32\HP1100LM.DLL
2016-03-24 21:15 - 2012-08-31 16:02 - 00074240 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HP1100PP.DLL
2015-08-18 22:31 - 2015-08-18 22:31 - 00048640 _____ () C:\Windows\SysWOW64\ASGT.exe
2016-05-24 20:45 - 2016-06-14 22:03 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-05-24 20:45 - 2016-06-14 22:03 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-05-24 20:45 - 2016-06-14 22:03 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-05-24 20:45 - 2016-06-14 22:03 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-05-24 20:45 - 2016-06-14 22:03 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-05-24 20:45 - 2016-06-14 22:03 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-05-24 20:45 - 2016-06-14 22:03 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-05-24 20:45 - 2016-06-14 22:03 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-04-12 19:44 - 2016-03-29 12:20 - 02656952 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-04-12 19:44 - 2016-03-29 12:20 - 02656952 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-05-22 19:33 - 2016-05-22 19:33 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-05-24 17:43 - 2016-05-24 17:43 - 00959168 _____ () C:\Users\eva\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-02-28 15:17 - 2013-11-22 17:10 - 00103880 _____ () C:\Program Files (x86)\ComposerSetup\shellext64.dll
2016-06-27 17:22 - 2016-06-27 17:22 - 00052912 _____ () F:\programme\FileZilla FTP Client\fzshellext_64.dll
2016-04-19 17:32 - 2016-04-19 17:33 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-02-28 14:24 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-10 23:29 - 2016-04-23 06:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-06-14 20:08 - 2016-05-28 05:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-06-14 20:08 - 2016-05-28 05:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-06-14 20:08 - 2016-05-28 05:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-06-14 20:08 - 2016-05-28 05:56 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-05-24 20:45 - 2016-06-14 22:03 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-05-24 20:45 - 2016-06-14 22:03 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-05-22 19:32 - 2016-05-22 19:32 - 31680176 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2015-11-28 14:15 - 2013-07-04 17:12 - 01966080 _____ () F:\programme\locate32_x64-3.1.11.7100\locate32.exe
2015-11-28 14:15 - 2013-07-04 17:12 - 00044544 _____ () F:\programme\locate32_x64-3.1.11.7100\keyhelper.dll
2015-11-28 14:15 - 2013-07-04 17:12 - 00122880 _____ () F:\programme\locate32_x64-3.1.11.7100\lan_en.dll
2015-11-28 14:15 - 2013-07-04 17:12 - 00048128 _____ () F:\programme\locate32_x64-3.1.11.7100\imghnd.dll
2016-04-19 17:32 - 2016-04-19 17:33 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 17:32 - 2016-04-19 17:33 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-05-24 19:32 - 2016-06-14 22:03 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-05-24 17:43 - 2016-05-24 17:43 - 00679624 _____ () C:\Users\eva\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2016-06-20 15:16 - 2016-06-20 15:16 - 00016896 _____ () C:\Program Files (x86)\TomTom\MySportsConnect\DeviceDetection.dll
2016-06-20 15:19 - 2016-06-20 15:19 - 01076736 _____ () C:\Program Files (x86)\TomTom\MySportsConnect\ContentManager.dll
2016-06-20 15:16 - 2016-06-20 15:16 - 00019968 _____ () C:\Program Files (x86)\TomTom\MySportsConnect\TomTomSupporterBase.dll
2016-06-20 15:19 - 2016-06-20 15:19 - 00028672 _____ () C:\Program Files (x86)\TomTom\MySportsConnect\QtSolutions_SingleApplication.dll
2016-06-20 15:17 - 2016-06-20 15:17 - 00109568 _____ () C:\Program Files (x86)\TomTom\MySportsConnect\kqoauth.dll
2016-06-20 15:16 - 2016-06-20 15:16 - 00017920 _____ () C:\Program Files (x86)\TomTom\MySportsConnect\TimeParse.dll
2016-04-22 01:08 - 2016-04-22 01:08 - 01047864 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-04-22 01:08 - 2016-04-22 01:08 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 00244024 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-06-03 03:36 - 2016-06-03 03:36 - 40523456 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2015-03-17 02:34 - 2015-03-17 02:34 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\de_de\acrotray.deu
2009-08-04 18:23 - 2009-08-04 18:23 - 00063032 _____ () C:\Program Files (x86)\HP\HP UT LEDM\bin\HPTools.dll
2009-08-04 18:23 - 2009-08-04 18:23 - 00075320 _____ () C:\Program Files (x86)\HP\HP UT LEDM\bin\HPToolkit.dll
2016-06-27 17:22 - 2016-06-27 17:22 - 00048816 _____ () F:\programme\FileZilla FTP Client\fzshellext.dll
2016-06-08 00:10 - 2016-06-08 00:10 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2016-06-08 00:10 - 2016-06-08 00:10 - 00205824 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2016-06-08 00:10 - 2016-06-08 00:10 - 00117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2016-06-08 00:10 - 2016-06-08 00:10 - 00125440 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2016-06-08 00:41 - 2016-06-08 00:41 - 00098496 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2016-06-08 00:10 - 2016-06-08 00:10 - 00166400 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2016-06-17 23:39 - 2016-06-15 11:15 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
2016-06-17 23:39 - 2016-06-15 11:15 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll
2016-05-20 17:30 - 2016-05-20 17:30 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\fs-ext\build\Release\fs-ext.node
2016-05-20 17:30 - 2016-05-20 17:30 - 00121344 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ref\build\Release\binding.node
2016-05-20 17:31 - 2016-05-20 17:31 - 00126464 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ffi\build\Release\ffi_bindings.node
2016-05-20 17:31 - 2016-05-20 17:31 - 00223232 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2016-06-03 03:20 - 2016-06-03 03:20 - 00098496 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2016-05-20 17:30 - 2016-05-20 17:30 - 00121856 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\bufferutil\build\Release\bufferutil.node
2016-05-20 17:29 - 2016-05-20 17:29 - 00166400 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\idle-gc\build\Release\idle-gc.node

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-10-30 09:24 - 2016-07-10 02:50 - 00001331 ____A C:\Windows\system32\Drivers\etc\hosts

192.168.10.10       phpmyadmin.dev
192.168.10.11  		moiekraam.dev
192.168.10.10  		gedok_drei.dev
192.168.10.10  		katesieben2015.dev
192.168.10.10  		katesechs2015.dev
192.168.10.10  		kateacht2015.dev
192.168.10.10  		kateneun2015.dev
192.168.10.10  		KateEins2016Spark.dev
192.168.10.10  		schuermann.dev
192.168.10.10  		MoieLanding2.dev
192.168.10.10  		katezwei2016.dev
192.168.10.10  		katedrei2016.dev
192.168.10.10  		lw-2016-KatenBlog.dev
192.168.10.10  		wp.lw-2016-KatenBlog.dev

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1764389191-2749221916-298074052-1001\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [TCP Query User{784112A9-A3C6-4BDD-9ED8-46BA7A307E24}F:\programmie\virtualboxwin10\vboxheadless.exe] => (Allow) F:\programmie\virtualboxwin10\vboxheadless.exe
FirewallRules: [UDP Query User{241D35D6-8731-4CA8-984E-422512C48EE2}F:\programmie\virtualboxwin10\vboxheadless.exe] => (Allow) F:\programmie\virtualboxwin10\vboxheadless.exe
FirewallRules: [{F4A6582C-1073-4442-B4E6-948D9130B9AD}] => (Allow) C:\Users\eva\AppData\Local\Apps\2.0\62J1R0O9.AQA\R005Z9K4.V1V\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe
FirewallRules: [{71550C36-8C38-4023-83EC-50DF5EF66FD3}] => (Allow) C:\Users\eva\AppData\Local\Apps\2.0\62J1R0O9.AQA\R005Z9K4.V1V\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe
FirewallRules: [TCP Query User{DFCB7EEF-64DC-4E38-8411-9043634D4B97}C:\users\eva\appdata\local\apps\2.0\62j1r0o9.aqa\r005z9k4.v1v\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe] => (Allow) C:\users\eva\appdata\local\apps\2.0\62j1r0o9.aqa\r005z9k4.v1v\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe
FirewallRules: [UDP Query User{03CDE024-49F7-4AFE-A14D-EAA929A2C7B3}C:\users\eva\appdata\local\apps\2.0\62j1r0o9.aqa\r005z9k4.v1v\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe] => (Allow) C:\users\eva\appdata\local\apps\2.0\62j1r0o9.aqa\r005z9k4.v1v\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe
FirewallRules: [{9BBACB26-BB64-4EAF-AFBD-1BA7B4124F78}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\DeviceSetup.exe
FirewallRules: [{2DC9576D-28D8-472D-8433-6962859A39FE}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{8ED3AD6D-AB33-4C31-AF5B-BDBA2D5976AF}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{2981F380-867B-4867-903E-E4D3288068C9}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{B8C0C8A8-1219-4229-AD8F-DB01EB2E1F3A}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{20BB3DA7-B517-4182-BBDF-D11DF0A54F1D}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{F7F92C6B-1E55-4E50-805F-174271A587BA}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{BA72B91B-ED78-4851-8100-2E5F36CA6479}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{B3CB3673-4F10-4074-8417-C72C7249F17D}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{85A1331A-1F28-4627-91A0-3319129B2E2C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{826AD43B-2EB6-40C8-B0B4-8C986844D993}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{9333F9D2-6F7D-4966-A834-BA7B8789FDF2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{C2816592-6068-43F3-B12B-4AA4168A5745}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{21F23D24-9663-44FF-B24E-F683694D9BB9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{44EB0A33-6357-430D-A878-9451A45E104F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{814CA135-EA5C-4B63-B4A4-9EFE6F306F2D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B690A38D-BEF2-47CF-905F-1E639DF45DA8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{47251C24-8FF7-4958-AEF9-42F31057750F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{06859BF8-A87B-4669-AFF7-A4831A25E8E6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5BBA4D12-2EBE-4318-9275-A5BE63B151BB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B4BE8013-364F-4C28-A149-C37A9F2D52D6}] => (Allow) F:\programmie\VisualStudio\Common7\IDE\devenv.exe
FirewallRules: [{CA974891-3E95-4F3D-9908-67B01417506B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{CABD434D-12EF-46ED-8836-FCBDDDF2E21C}F:\programme\vlc\vlc.exe] => (Allow) F:\programme\vlc\vlc.exe
FirewallRules: [UDP Query User{BB3447DA-0C58-4DC8-8D93-F702EE4E50E9}F:\programme\vlc\vlc.exe] => (Allow) F:\programme\vlc\vlc.exe
FirewallRules: [{CCE4E61E-3B78-40C8-84BC-5CA0D7448E50}] => (Allow) C:\Program Files (x86)\GreatMaker\MaohaWiFi\MaohaWifiSvr.exe
FirewallRules: [{5AF5EAF8-AFDD-4335-B666-8593FBD2070E}] => (Allow) C:\Program Files (x86)\GreatMaker\MaohaWiFi\DrvUpdate.exe

==================== Wiederherstellungspunkte =========================

25-06-2016 14:28:33 Installiert Screen Split
01-07-2016 14:07:10 Installed Oracle VM VirtualBox 5.0.24
07-07-2016 12:47:18 AMDCleanupUtility Restore Point
10-07-2016 15:22:11 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Coprozessor
Description: Coprozessor
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/10/2016 11:16:05 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: EVASCOMPUTER)
Description: Das Paket „Microsoft.Windows.ShellExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy+App“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (07/10/2016 11:15:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: EVASCOMPUTER)
Description: Das Paket „Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy+CortanaUI“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (07/10/2016 03:22:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Adobe CEF Helper.exe, Version: 3.7.0.271, Zeitstempel: 0x57515883
Name des fehlerhaften Moduls: libcef.dll, Version: 3.2171.2069.0, Zeitstempel: 0x551bdc44
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00444106
ID des fehlerhaften Prozesses: 0x211c
Startzeit der fehlerhaften Anwendung: 0xAdobe CEF Helper.exe0
Pfad der fehlerhaften Anwendung: Adobe CEF Helper.exe1
Pfad des fehlerhaften Moduls: Adobe CEF Helper.exe2
Berichtskennung: Adobe CEF Helper.exe3
Vollständiger Name des fehlerhaften Pakets: Adobe CEF Helper.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Adobe CEF Helper.exe5

Error: (07/10/2016 03:22:13 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (07/10/2016 03:08:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Adobe CEF Helper.exe, Version: 3.7.0.271, Zeitstempel: 0x57515883
Name des fehlerhaften Moduls: libcef.dll, Version: 3.2171.2069.0, Zeitstempel: 0x551bdc44
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00444106
ID des fehlerhaften Prozesses: 0x201c
Startzeit der fehlerhaften Anwendung: 0xAdobe CEF Helper.exe0
Pfad der fehlerhaften Anwendung: Adobe CEF Helper.exe1
Pfad des fehlerhaften Moduls: Adobe CEF Helper.exe2
Berichtskennung: Adobe CEF Helper.exe3
Vollständiger Name des fehlerhaften Pakets: Adobe CEF Helper.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Adobe CEF Helper.exe5

Error: (07/10/2016 12:41:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nsh70D1.exe, Version: 0.0.0.0, Zeitstempel: 0x578224d8
Name des fehlerhaften Moduls: nsh70D1.exe, Version: 0.0.0.0, Zeitstempel: 0x578224d8
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00013146
ID des fehlerhaften Prozesses: 0x20b8
Startzeit der fehlerhaften Anwendung: 0xnsh70D1.exe0
Pfad der fehlerhaften Anwendung: nsh70D1.exe1
Pfad des fehlerhaften Moduls: nsh70D1.exe2
Berichtskennung: nsh70D1.exe3
Vollständiger Name des fehlerhaften Pakets: nsh70D1.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: nsh70D1.exe5

Error: (07/10/2016 12:41:11 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: nsh70D1.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: Ausnahmecode c0000005, Ausnahmeadresse 00E03146
Stapel:

Error: (07/10/2016 04:21:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nsr710F.exe, Version: 0.0.0.0, Zeitstempel: 0x5781ad51
Name des fehlerhaften Moduls: nsr710F.exe, Version: 0.0.0.0, Zeitstempel: 0x5781ad51
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00013146
ID des fehlerhaften Prozesses: 0x204c
Startzeit der fehlerhaften Anwendung: 0xnsr710F.exe0
Pfad der fehlerhaften Anwendung: nsr710F.exe1
Pfad des fehlerhaften Moduls: nsr710F.exe2
Berichtskennung: nsr710F.exe3
Vollständiger Name des fehlerhaften Pakets: nsr710F.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: nsr710F.exe5

Error: (07/10/2016 04:21:14 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: nsr710F.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: Ausnahmecode c0000005, Ausnahmeadresse 00053146
Stapel:

Error: (07/10/2016 03:01:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nsk5FAA.exe, Version: 0.0.0.0, Zeitstempel: 0x57819843
Name des fehlerhaften Moduls: nsk5FAA.exe, Version: 0.0.0.0, Zeitstempel: 0x57819843
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00013146
ID des fehlerhaften Prozesses: 0x13bc
Startzeit der fehlerhaften Anwendung: 0xnsk5FAA.exe0
Pfad der fehlerhaften Anwendung: nsk5FAA.exe1
Pfad des fehlerhaften Moduls: nsk5FAA.exe2
Berichtskennung: nsk5FAA.exe3
Vollständiger Name des fehlerhaften Pakets: nsk5FAA.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: nsk5FAA.exe5


Systemfehler:
=============
Error: (07/12/2016 12:08:00 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069 = Der Dienst konnte wegen einer fehlerhaften Anmeldung nicht gestartet werden.


Error: (07/12/2016 12:08:00 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "WSearch" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%50 = Die Anforderung wird nicht unterstützt.


Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (07/12/2016 12:07:55 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_1c8f10f" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/12/2016 12:07:55 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _1c8f10f" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/12/2016 12:07:55 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_1c8f10f" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/12/2016 12:07:55 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_1c8f10f" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/12/2016 12:07:55 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (07/12/2016 12:07:30 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Stereoscopic 3D Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/12/2016 12:07:30 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/12/2016 12:07:30 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2016-07-10 15:28:02.581
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-10 15:28:02.564
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-10 15:27:10.881
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-10 15:27:10.865
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-10 15:18:23.280
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-10 15:18:23.264
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-10 15:18:21.230
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-10 15:18:21.212
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-10 15:05:00.778
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-10 15:05:00.759
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: AMD Phenom(tm) II X4 955 Processor
Prozentuale Nutzung des RAM: 37%
Installierter physikalischer RAM: 8191.17 MB
Verfügbarer physikalischer RAM: 5093.05 MB
Summe virtueller Speicher: 9471.17 MB
Verfügbarer virtueller Speicher: 6013.63 MB

==================== Laufwerke ================================

Drive c: (SSD500) (Fixed) (Total:465.76 GB) (Free:345.42 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (W-Elements) (Fixed) (Total:1397.26 GB) (Free:1102.36 GB) NTFS
Drive f: (zweite) (Fixed) (Total:931.51 GB) (Free:623.82 GB) NTFS
Drive x: () (Fixed) (Total:119.14 GB) (Free:29.08 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: FF67AEEB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 00510050)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 247A7B0F)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 1397.3 GB) (Disk ID: 0012A785)
Partition 1: (Not Active) - (Size=1397.3 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
--- --- ---


vielen Dank
eva

Alt 12.07.2016, 19:24   #9
M-K-D-B
/// TB-Ausbilder
 
MPC Cleaner läßt sich nicht deinstallieren + Browser Umleitungen - windows 10 - Standard

MPC Cleaner läßt sich nicht deinstallieren + Browser Umleitungen - windows 10



Servus,


wir und kontrollieren nochmal alles.


ESET kann längern dauern.




Schritt 1

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset







Schritt 2
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
  • Starte die HitmanPro.exe
  • Klicke auf
  • Entferne den Haken bei
  • Klicke auf
    und
  • Akzeptiere die Lizenzbedingungen und klicke auf
  • Klicke auf

    und auf
  • Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
    und speichere die Logdatei auf Deinem Desktop.
  • Schließe HitmanPro und poste mir das Log.

 







Schritt 3
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Untersuchen.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.





Gibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?







Bitte poste mit deiner nächsten Antwort
  • die Logdatei von ESET,
  • die Logdatei von HitmanPro,
  • die beiden neuen Logdateien von FRST,
  • die Beantwortung der gestellten Fragen.

Alt 14.07.2016, 15:00   #10
quincycato
 
MPC Cleaner läßt sich nicht deinstallieren + Browser Umleitungen - windows 10 - Standard

MPC Cleaner läßt sich nicht deinstallieren + Browser Umleitungen - windows 10



Hallo,
hier das log vom ESET (ist fast zwei Tage gelaufen)
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=2eda7b50d2d82846bfe48b9bda5e0af2
# end=init
# utc_time=2016-07-12 06:47:00
# local_time=2016-07-12 08:47:00 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 30087
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=2eda7b50d2d82846bfe48b9bda5e0af2
# end=updated
# utc_time=2016-07-12 06:49:50
# local_time=2016-07-12 08:49:50 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=2eda7b50d2d82846bfe48b9bda5e0af2
# engine=30087
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-07-14 07:11:59
# local_time=2016-07-14 09:11:59 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 138388 22294462 0 0
# scanned=2700022
# found=12
# cleaned=0
# scan_time=44528
sh=263485FA020C0732F0D2BFD36B4F99BD5F1C7963 ft=1 fh=978172460640e5e5 vn="Variante von Win32/MPCCleaner.A evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Program Files (x86)\Stabily\vercolystecuyConfiguration.dll"
sh=F97B28B24FB74A3F08F05AE39ED3CF430206AD35 ft=1 fh=8e5a28ab9eea9e5b vn="Variante von Win32/OpenInstall evtl. unerwünschte Anwendung" ac=I fn="F:\benutzerordner\downloads_neu_auf_f\Downloader-fuer-hwmonitor-121-64bit.exe"
sh=C885802C60940C98AD69E7147352CE59189868EA ft=1 fh=92375844a5a83029 vn="Variante von Win32/AdkDLLWrapper.A evtl. unerwünschte Anwendung" ac=I fn="F:\benutzerordner\downloads_neu_auf_f\uTorrent.exe"
sh=EBFD9B6742268A2E258C59254104F2F2787E5AD5 ft=1 fh=c71c001188e5b19d vn="Win32/InstallCore.DX evtl. unerwünschte Anwendung" ac=I fn="F:\benutzerordner\downloads_neu_auf_f\ZipExtractorSetup.exe"
sh=133AE3446BD8E9F77C95F62534E6C3E1FDC278D8 ft=1 fh=fd7692d37da1e2f7 vn="Win32/InstallCore.CD evtl. unerwünschte Anwendung" ac=I fn="F:\benutzerordner\downloads_neu_auf_f\ZipOpenerSetup.exe"
sh=D497051200ADDC09ED5ED67072F98A5EE45FBAFC ft=0 fh=0000000000000000 vn="PHP/Obfuscated.D evtl. unerwünschte Anwendung" ac=I fn="F:\kopie_v_alt\zwischenspeicher\xp_dateien\xp_eigene_d\downloads_g\chat.zip"
sh=CECDF3984792EEDC96CD3F0C2D9C33E99B6C9845 ft=1 fh=47d43e890f420bd2 vn="Variante von Win32/CnsMin.AD evtl. unerwünschte Anwendung" ac=I fn="F:\kopie_v_alt\zwischenspeicher\xp_dateien\xp_eigene_d\downloads_g\DivXInstaller.exe"
sh=F09891868A4F7116B850F1C05E9A1D9FB26ECF4B ft=0 fh=0000000000000000 vn="PHP/Obfuscated.D evtl. unerwünschte Anwendung" ac=I fn="F:\kopie_v_alt\zwischenspeicher\xp_dateien\xp_eigene_d\downloads_g\chat\bannen_inc.php"
sh=D48525A9BCC0A802ED69EC28587F357A6A084B3B ft=0 fh=0000000000000000 vn="PHP/Obfuscated.D evtl. unerwünschte Anwendung" ac=I fn="F:\kopie_v_alt\zwischenspeicher\xp_dateien\xp_eigene_d\downloads_g\chat\ban_inc.php"
sh=F669F2208D0F57CE920BCB8E94A3491C24A228C2 ft=0 fh=0000000000000000 vn="PHP/Obfuscated.D evtl. unerwünschte Anwendung" ac=I fn="F:\kopie_v_alt\zwischenspeicher\xp_dateien\xp_eigene_d\downloads_g\chat\maulkorb_inc.php"
sh=C885802C60940C98AD69E7147352CE59189868EA ft=1 fh=92375844a5a83029 vn="Variante von Win32/AdkDLLWrapper.A evtl. unerwünschte Anwendung" ac=I fn="F:\sicherungen\Windows.old\Users\*******\AppData\Roaming\uTorrent\updates\3.4.0_30635.exe"
sh=C885802C60940C98AD69E7147352CE59189868EA ft=1 fh=92375844a5a83029 vn="Variante von Win32/AdkDLLWrapper.A evtl. unerwünschte Anwendung" ac=I fn="X:\Windows.old\Users\********\AppData\Roaming\uTorrent\updates\3.4.0_30635.exe"
         
hier das hitman log:
Code:
ATTFilter
HitmanPro 3.7.14.265
www.hitmanpro.com

   Computer name . . . . : EVASCOMPUTER
   Windows . . . . . . . : 10.0.0.10586.X64/4
   User name . . . . . . : EVASCOMPUTER\eva
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2016-07-14 10:38:55
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 3m 3s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 4

   Objects scanned . . . : 3.166.796
   Files scanned . . . . : 222.262
   Remnants scanned  . . : 1.277.225 files / 1.667.309 keys

Suspicious files ____________________________________________________________

   C:\Users\eva\Desktop\FRST-OlderVersion\FRST64.exe
      Size . . . . . . . : 2.390.016 bytes
      Age  . . . . . . . : 3.9 days (2016-07-10 12:38:32)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : A5F19C76C3E67F6C112A368E04E62DD6A6D6E7A5BEC7820D1B047A3BB8899F67
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.

   C:\Users\eva\Desktop\FRST64.exe
      Size . . . . . . . : 2.390.528 bytes
      Age  . . . . . . . : 2.4 days (2016-07-12 00:06:37)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : F09AE88DE20A3DFB341918BBC7E2B416BD3392E2222207653D65809018970452
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
         -78.0s C:\Users\eva\OneDrive\Bilder\Eigene Aufnahmen\WP_20160711_17_51_02_Pro.jpg
         -71.1s C:\Users\eva\OneDrive\Bilder\Eigene Aufnahmen\WP_20160711_17_50_46_Pro.jpg
         -41.2s C:\Users\eva\OneDrive\Bilder\Eigene Aufnahmen\WP_20160711_17_50_42_Pro.jpg
         -39.1s C:\Users\eva\OneDrive\Bilder\Gespeicherte Bilder\WP_20160711_12_57_09_Pro_1468235028.jpg
         -13.2s C:\Users\eva\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012016070420160711\
         -13.2s C:\Users\eva\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012016071220160713\
         -9.4s C:\Users\eva\OneDrive\Bilder\Eigene Aufnahmen\WP_20160711_12_56_40_Pro.jpg
          0.0s C:\Users\eva\Desktop\FRST64.exe
          0.5s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\63\DCACD455757113EB.dat
          0.9s C:\Users\eva\OneDrive\Bilder\Eigene Aufnahmen\WP_20160711_11_30_32_Pro.jpg
          4.2s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\81\98D3E3DCEE1FB3AD.dat
          5.0s C:\Users\eva\Desktop\FRST-OlderVersion\
          5.1s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\81\972D2A16B1D307C9.dat
          6.1s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\90\8C83F586EE0813AA.dat
         31.4s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{E7E271AF-7908-451B-B2B2-A862F3E8CBDF}
         31.8s C:\Users\eva\OneDrive\Bilder\Eigene Aufnahmen\WP_20160711_11_28_49_Pro.jpg
         43.0s C:\Users\eva\OneDrive\Bilder\Eigene Aufnahmen\WP_20160711_11_28_40_Pro.jpg
         52.3s C:\Users\eva\Desktop\frst-logs\Fixlog.txt
         53.3s C:\FRST\Quarantine\C\Users\
         53.3s C:\FRST\Quarantine\C\Users\eva\
         53.4s C:\FRST\Quarantine\C\Users\eva\AppData\
         53.4s C:\FRST\Quarantine\C\Users\eva\AppData\Local\
         53.4s C:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.115.gthr
         53.4s C:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.115.Crwl
         55.4s C:\FRST\Quarantine\C\Windows\System32\Tasks\
         55.7s C:\FRST\Quarantine\C\Users\eva\AppData\Local\Google\Chrome\
         55.7s C:\FRST\Quarantine\C\Users\eva\AppData\Local\Google\Chrome\User Data\
         55.7s C:\FRST\Quarantine\C\Users\eva\AppData\Local\Google\
         57.9s C:\FRST\Quarantine\C\Users\eva\AppData\Roaming\Microsoft\Internet Explorer\
         57.9s C:\FRST\Quarantine\C\Users\eva\AppData\Roaming\Microsoft\
         57.9s C:\FRST\Quarantine\C\Users\eva\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\
         57.9s C:\FRST\Quarantine\C\Users\eva\AppData\Roaming\
         58.0s C:\FRST\Quarantine\C\Users\eva\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\
         58.0s C:\FRST\Quarantine\C\Users\eva\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\
         58.0s C:\FRST\Quarantine\C\Users\eva\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\
         58.0s C:\FRST\Quarantine\C\Users\eva\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\8c6fe9a0a65c7f37\
         58.1s C:\FRST\Quarantine\C\Users\Public\Desktop\
         58.1s C:\FRST\Quarantine\C\Users\Public\
         61.5s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{D3B3C72B-9AE3-462C-A453-F2A1F779CD5C}
         62.8s C:\Users\eva\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\
         62.8s C:\Users\eva\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations\
         62.8s C:\Users\eva\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations\f01b4d95cf55d32a.automaticDestinations-ms
         63.3s C:\Users\eva\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations\5f7b5f1e01b83767.automaticDestinations-ms
         63.4s C:\Windows\Temp\MPInstrumentation\
         65.4s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\8355fcfc98174422570a51236ffbaadc_3148515e-a102-4a76-905d-eebbb7603f1e
         65.5s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\eabdd5535cfe7e7d422af3726c436741_3148515e-a102-4a76-905d-eebbb7603f1e
         66.0s C:\Users\eva\AppData\Local\Microsoft\Windows\INetCache\IE\
         66.0s C:\Users\eva\AppData\Local\Microsoft\Windows\INetCache\Content.IE5\
         66.1s C:\Users\eva\AppData\Local\Microsoft\Windows\INetCache\IE\container.dat
         66.1s C:\Users\eva\AppData\Local\Microsoft\Windows\INetCookies\DNTException\
         77.8s C:\FRST\Logs\Fixlog_12-07-2016_00-07-55.txt
         78.0s C:\Users\eva\AppData\Local\IconCache.db
         78.0s C:\Users\eva\AppData\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000091.db
         78.3s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\37\46C7DFE51AD2EC31.dat

   C:\Users\eva\Downloads\FRST.exe
      Size . . . . . . . : 1.740.288 bytes
      Age  . . . . . . . : 4.3 days (2016-07-10 03:22:13)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : D7F8856D466D6B41826467515841AEEB4AE34A603ACD8E89CD5781FF0DE1A9B1
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
          0.0s C:\Users\eva\Downloads\FRST.exe
          1.4s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\4\13\6E89BE5AB215D031.dat
          1.4s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\13\6E89BE5AB215D031.dat
          7.6s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\4\34\
          7.6s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\4\34\88AD19FCCCAB0D0A.dat
          7.6s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\34\88AD19FCCCAB0D0A.dat
         34.8s C:\Windows\Prefetch\FRST.EXE-776788BD.pf
         36.9s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\2\10\83E26759FEEC34C2.dat


Potential Unwanted Programs _________________________________________________

   HKLM\SOFTWARE\Microsoft\{1f7ee1a8-4436-4ffc-b97b-b5b01e87d3d2}\ (SpaceSoundPro)
         
im nächsten post die beiden FRST logs
eva

Alt 14.07.2016, 15:12   #11
quincycato
 
MPC Cleaner läßt sich nicht deinstallieren + Browser Umleitungen - windows 10 - Standard

MPC Cleaner läßt sich nicht deinstallieren + Browser Umleitungen - windows 10



die beiden FRST logs. d.h. es passt erstmal nur ein Teil des frst.txt,
denn dazwischen gabs ein windows Update.

FRST.txt
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 13-07-2016 02
durchgeführt von eva (Administrator) auf EVASCOMPUTER (14-07-2016 15:51:17)
Gestartet von C:\Users\eva\Desktop
Geladene Profile: eva (Verfügbare Profile: eva)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Windows\SysWOW64\ASGT.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(AVM Berlin) C:\Users\eva\AppData\Local\Apps\2.0\62J1R0O9.AQA\R005Z9K4.V1V\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe
(TomTom) C:\Program Files (x86)\TomTom\MySportsConnect\TomTom MySports Connect.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-05-05] (Adobe Systems Incorporated)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2380480 2016-06-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1867448 2016-05-27] (Adobe Systems Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe [30264 2009-08-04] (Hewlett-Packard Company)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\Run: [AVMUSBFernanschluss] => C:\Users\eva\AppData\Local\Apps\2.0\62J1R0O9.AQA\R005Z9K4.V1V\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\AVMAutoStart.exe [139264 2016-03-03] (AVM Berlin)
HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [882872 2016-05-27] (Adobe Systems Incorporated)
HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\Run: [HP Deskjet 3520 series (NET)] => C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\Run: [TomTom MySports Connect.exe] => C:\Program Files (x86)\TomTom\MySportsConnect\TomTom MySports Connect.exe [3834368 2016-06-20] (TomTom)
HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2016-04-22] (Apple Inc.)
HKU\S-1-5-18\...\RunOnce: [Application Restart #3] => C:\Program Files (x86)\ASUS\GPU TweakII\Monitor.exe [2640336 2015-08-27] (TODO: <Company name>)
HKU\S-1-5-18\...\RunOnce: [Application Restart #4] => C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe [5602768 2015-09-01] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VR-NetWorld Auftragsprüfung.lnk [2016-07-10]
ShortcutTarget: VR-NetWorld Auftragsprüfung.lnk -> C:\Windows\Installer\{084798D2-33EF-42CC-A925-970AF222898B}\NewShortcut1_5A2CAB8514594533A6B50E3D23448BE1.exe (Flexera Software LLC)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{c6ef35ba-7431-4f1d-936d-26820bb64337}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-26] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-26] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)

FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-06-08] (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-26] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-06-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-06-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-06-08] (Adobe Systems)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat DC - Create PDF - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2016-02-28]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-03-31] [ist nicht signiert]

Chrome: 
=======
CHR HomePage: Default -> hxxp://google.com/
CHR StartupUrls: Default -> "hxxp://www.trotux.com/?z=e6ee2bfd84aa90be2b4ef20g7zbq2bcg0eeo5qbe4o&from=ftp&uid=C300-CTFDDAC128MAG_000000001106030289DD&type=hp","hxxps://www.google.com/"
CHR Profile: C:\Users\eva\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-14]
CHR Extension: (Google Docs) - C:\Users\eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-14]
CHR Extension: (Google Drive) - C:\Users\eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-14]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2016-07-14]
CHR Extension: (YouTube) - C:\Users\eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-14]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2016-07-14]
CHR Extension: (Adobe Acrobat) - C:\Users\eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-07-14]
CHR Extension: (Google Tabellen) - C:\Users\eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-14]
CHR Extension: (React Developer Tools) - C:\Users\eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmkadmapgofadopljbjfkapdkoienihi [2016-07-14]
CHR Extension: (Google Docs Offline) - C:\Users\eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-14]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-14]
CHR Extension: (Wunderlist for Chrome) - C:\Users\eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojcflmmmcfpacggndoaaflkmcoblhnbh [2016-07-14]
CHR Extension: (Google Mail) - C:\Users\eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-14]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [737984 2016-06-03] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [48640 2015-08-18] () [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21184 2016-03-29] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [137216 2016-03-29] (Microsoft Corporation) [Datei ist nicht signiert]
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36504 2015-06-22] (VIA Technologies, Inc.)
S3 VSStandardCollectorService140; F:\programmie\VisualStudio\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [56552 2016-03-22] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [23240 2016-02-26] (Advanced Micro Devices, Inc.)
R3 avmaura; C:\Windows\System32\drivers\avmaura.sys [116480 2016-03-03] (AVM Berlin)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-07-14] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-09-26] (Marvell Semiconductor, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation)
R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [119712 2016-06-28] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [192864 2016-06-28] (Oracle Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-07-14 15:51 - 2016-07-14 15:51 - 00021070 _____ C:\Users\eva\Desktop\FRST.txt
2016-07-14 15:21 - 2016-07-14 15:21 - 00002342 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-07-14 15:21 - 2016-07-14 15:21 - 00002330 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-07-14 15:20 - 2016-07-14 15:20 - 00000000 ___HD C:\OneDriveTemp
2016-07-14 14:19 - 2016-07-14 14:19 - 00000000 ____D C:\Program Files\CMAK
2016-07-14 14:19 - 2016-07-14 14:19 - 00000000 ____D C:\Program Files (x86)\CMAK
2016-07-14 14:16 - 2016-07-14 14:16 - 00000170 _____ C:\Users\eva\Desktop\reg-eintrag-geloescht.txt
2016-07-14 12:59 - 2016-07-14 12:59 - 00075736 _____ C:\Users\eva\Desktop\FRST_nach_google_neu.txt
2016-07-14 10:57 - 2016-07-14 15:41 - 00134212 _____ C:\Users\eva\Desktop\hm-FRST.txt
2016-07-14 10:57 - 2016-07-14 15:40 - 00057417 _____ C:\Users\eva\Desktop\hm-Addition.txt
2016-07-14 10:56 - 2016-07-14 10:56 - 00003893 _____ C:\Users\eva\Desktop\eset-log.txt
2016-07-14 10:37 - 2016-07-14 10:51 - 00000000 ____D C:\ProgramData\HitmanPro
2016-07-14 10:35 - 2016-07-14 10:37 - 11438608 _____ (SurfRight B.V.) C:\Users\eva\Downloads\HitmanPro_x64.exe
2016-07-14 10:24 - 2016-07-14 10:24 - 00003178 _____ C:\Users\eva\Desktop\eset-gefundene-bedrohungen.txt
2016-07-13 23:30 - 2016-07-01 07:30 - 00284352 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2016-07-13 23:30 - 2016-07-01 06:49 - 07469408 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-07-13 23:30 - 2016-07-01 06:49 - 00337336 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll
2016-07-13 23:30 - 2016-07-01 06:35 - 01552104 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2016-07-13 23:30 - 2016-07-01 06:35 - 01299504 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll
2016-07-13 23:30 - 2016-07-01 06:35 - 01092464 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-07-13 23:30 - 2016-07-01 06:35 - 00847656 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2016-07-13 23:30 - 2016-07-01 06:35 - 00498960 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2016-07-13 23:30 - 2016-07-01 06:34 - 01322248 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-07-13 23:30 - 2016-07-01 06:32 - 01603224 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2016-07-13 23:30 - 2016-07-01 06:32 - 01540224 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2016-07-13 23:30 - 2016-07-01 06:32 - 00692136 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2016-07-13 23:30 - 2016-07-01 06:25 - 02773096 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2016-07-13 23:30 - 2016-07-01 06:25 - 02145032 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2016-07-13 23:30 - 2016-07-01 06:25 - 01987936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-07-13 23:30 - 2016-07-01 06:25 - 00648256 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2016-07-13 23:30 - 2016-07-01 06:25 - 00577376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2016-07-13 23:30 - 2016-07-01 06:19 - 05240960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2016-07-13 23:30 - 2016-07-01 06:11 - 01522160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-07-13 23:30 - 2016-07-01 05:57 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\NFCProvisioningPlugin.dll
2016-07-13 23:30 - 2016-07-01 05:56 - 22379520 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-07-13 23:30 - 2016-07-01 05:53 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\provisioningcsp.dll
2016-07-13 23:30 - 2016-07-01 05:47 - 24610304 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-07-13 23:30 - 2016-07-01 05:47 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2016-07-13 23:30 - 2016-07-01 05:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll
2016-07-13 23:30 - 2016-07-01 05:47 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\provhandlers.dll
2016-07-13 23:30 - 2016-07-01 05:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\provops.dll
2016-07-13 23:30 - 2016-07-01 05:46 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\DXToolsMonitor.dll
2016-07-13 23:30 - 2016-07-01 05:45 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-07-13 23:30 - 2016-07-01 05:44 - 00727552 _____ (Microsoft Corporation) C:\Windows\system32\VsGraphicsExperiment.dll
2016-07-13 23:30 - 2016-07-01 05:43 - 05667328 _____ (Microsoft Corporation) C:\Windows\system32\VsGraphicsDesktopEngine.exe
2016-07-13 23:30 - 2016-07-01 05:43 - 00892416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SmartCards.dll
2016-07-13 23:30 - 2016-07-01 05:43 - 00889344 _____ (Microsoft Corporation) C:\Windows\system32\DXCap.exe
2016-07-13 23:30 - 2016-07-01 05:43 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2016-07-13 23:30 - 2016-07-01 05:42 - 14252544 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-07-13 23:30 - 2016-07-01 05:42 - 05562880 _____ (Microsoft Corporation) C:\Windows\system32\VsGraphicsRemoteEngine.exe
2016-07-13 23:30 - 2016-07-01 05:42 - 02088960 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2016-07-13 23:30 - 2016-07-01 05:42 - 01434112 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Editing.dll
2016-07-13 23:30 - 2016-07-01 05:42 - 00828928 _____ (Microsoft Corporation) C:\Windows\system32\Windows.AccountsControl.dll
2016-07-13 23:30 - 2016-07-01 05:42 - 00697344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2016-07-13 23:30 - 2016-07-01 05:41 - 02127360 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-07-13 23:30 - 2016-07-01 05:41 - 01387520 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2016-07-13 23:30 - 2016-07-01 05:41 - 00784384 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-07-13 23:30 - 2016-07-01 05:41 - 00605184 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-07-13 23:30 - 2016-07-01 05:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosHostClient.dll
2016-07-13 23:30 - 2016-07-01 05:40 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2016-07-13 23:30 - 2016-07-01 05:40 - 00841728 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-07-13 23:30 - 2016-07-01 05:39 - 13018112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2016-07-13 23:30 - 2016-07-01 05:39 - 01717248 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2016-07-13 23:30 - 2016-07-01 05:39 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2016-07-13 23:30 - 2016-07-01 05:38 - 04456448 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2016-07-13 23:30 - 2016-07-01 05:38 - 00821760 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2016-07-13 23:30 - 2016-07-01 05:37 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosStorage.dll
2016-07-13 23:30 - 2016-07-01 05:36 - 08574464 _____ (Microsoft Corporation) C:\Windows\system32\DXCaptureReplay.dll
2016-07-13 23:30 - 2016-07-01 05:36 - 00701952 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll
2016-07-13 23:30 - 2016-07-01 05:36 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapsBtSvc.dll
2016-07-13 23:30 - 2016-07-01 05:34 - 03428864 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2016-07-13 23:30 - 2016-07-01 05:32 - 02582016 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2016-07-13 23:30 - 2016-07-01 05:31 - 19347968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-07-13 23:30 - 2016-07-01 05:31 - 01797120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2016-07-13 23:30 - 2016-07-01 05:30 - 13385728 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-07-13 23:30 - 2016-07-01 05:29 - 05503488 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2016-07-13 23:30 - 2016-07-01 05:29 - 03589632 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-07-13 23:30 - 2016-07-01 05:29 - 03355136 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2016-07-13 23:30 - 2016-07-01 05:29 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-07-13 23:30 - 2016-07-01 05:29 - 00349696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2016-07-13 23:30 - 2016-07-01 05:26 - 18674176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-07-13 23:30 - 2016-07-01 05:26 - 07832576 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-07-13 23:30 - 2016-07-01 05:26 - 04895232 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-07-13 23:30 - 2016-07-01 05:26 - 01755648 _____ (Microsoft Corporation) C:\Windows\system32\dui70.dll
2016-07-13 23:30 - 2016-07-01 05:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2016-07-13 23:30 - 2016-07-01 05:25 - 02050048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-07-13 23:30 - 2016-07-01 05:25 - 01121792 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-07-13 23:30 - 2016-07-01 05:25 - 00784896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NMAA.dll
2016-07-13 23:30 - 2016-07-01 05:25 - 00711680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll
2016-07-13 23:30 - 2016-07-01 05:25 - 00687616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-07-13 23:30 - 2016-07-01 05:25 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-07-13 23:30 - 2016-07-01 05:24 - 12586496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-07-13 23:30 - 2016-07-01 05:22 - 06295552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2016-07-13 23:30 - 2016-07-01 05:20 - 12128256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-07-13 23:30 - 2016-07-01 05:19 - 01987072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-07-13 23:30 - 2016-07-01 05:18 - 05205504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2016-07-13 23:30 - 2016-07-01 05:18 - 03663360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-07-13 23:30 - 2016-07-01 05:15 - 02102272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsservices.dll
2016-07-13 23:30 - 2016-07-01 05:14 - 05660672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-07-13 23:30 - 2016-07-01 05:13 - 06740992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2016-07-13 23:30 - 2016-07-01 05:08 - 00517632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll
2016-07-13 23:29 - 2016-07-01 06:35 - 01554152 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-07-13 23:29 - 2016-07-01 06:35 - 00331616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2016-07-13 23:29 - 2016-07-01 06:34 - 03675512 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-07-13 23:29 - 2016-07-01 06:34 - 00808288 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2016-07-13 23:29 - 2016-07-01 06:33 - 04515256 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-07-13 23:29 - 2016-07-01 06:33 - 01750440 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2016-07-13 23:29 - 2016-07-01 06:33 - 00730352 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2016-07-13 23:29 - 2016-07-01 06:33 - 00725776 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2016-07-13 23:29 - 2016-07-01 06:33 - 00374008 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2016-07-13 23:29 - 2016-07-01 06:33 - 00303216 _____ (Microsoft Corporation) C:\Windows\system32\LockAppHost.exe
2016-07-13 23:29 - 2016-07-01 06:31 - 01848584 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-07-13 23:29 - 2016-07-01 06:31 - 00604928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-07-13 23:29 - 2016-07-01 06:31 - 00161632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-07-13 23:29 - 2016-07-01 06:25 - 00393568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-07-13 23:29 - 2016-07-01 06:24 - 00911648 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
2016-07-13 23:29 - 2016-07-01 06:23 - 01349640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2016-07-13 23:29 - 2016-07-01 06:21 - 02921880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-07-13 23:29 - 2016-07-01 06:21 - 00703840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2016-07-13 23:29 - 2016-07-01 06:20 - 00503600 _____ (Microsoft Corporation) C:\Windows\system32\DMRServer.dll
2016-07-13 23:29 - 2016-07-01 06:20 - 00388896 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
2016-07-13 23:29 - 2016-07-01 06:20 - 00254656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppHost.exe
2016-07-13 23:29 - 2016-07-01 06:19 - 04074160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-07-13 23:29 - 2016-07-01 06:00 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-07-13 23:29 - 2016-07-01 05:58 - 00824320 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2016-07-13 23:29 - 2016-07-01 05:57 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\cdpreference.exe
2016-07-13 23:29 - 2016-07-01 05:56 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2016-07-13 23:29 - 2016-07-01 05:53 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryClient.dll
2016-07-13 23:29 - 2016-07-01 05:53 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryBroker.dll
2016-07-13 23:29 - 2016-07-01 05:52 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-07-13 23:29 - 2016-07-01 05:52 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2016-07-13 23:29 - 2016-07-01 05:50 - 11545088 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-07-13 23:29 - 2016-07-01 05:50 - 00349184 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2016-07-13 23:29 - 2016-07-01 05:50 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\FingerprintEnrollment.dll
2016-07-13 23:29 - 2016-07-01 05:50 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll
2016-07-13 23:29 - 2016-07-01 05:49 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-07-13 23:29 - 2016-07-01 05:49 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Maps.dll
2016-07-13 23:29 - 2016-07-01 05:49 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2016-07-13 23:29 - 2016-07-01 05:49 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\IdCtrls.dll
2016-07-13 23:29 - 2016-07-01 05:48 - 06572032 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2016-07-13 23:29 - 2016-07-01 05:48 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2016-07-13 23:29 - 2016-07-01 05:48 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2016-07-13 23:29 - 2016-07-01 05:48 - 00373248 _____ (Microsoft Corporation) C:\Windows\system32\WmpDui.dll
2016-07-13 23:29 - 2016-07-01 05:48 - 00198144 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-07-13 23:29 - 2016-07-01 05:47 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2016-07-13 23:29 - 2016-07-01 05:47 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\NetworkDesktopSettings.dll
2016-07-13 23:29 - 2016-07-01 05:47 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.PicturePassword.dll
2016-07-13 23:29 - 2016-07-01 05:47 - 00182784 _____ (Microsoft Corporation) C:\Windows\system32\shutdownux.dll
2016-07-13 23:29 - 2016-07-01 05:46 - 00714240 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2016-07-13 23:29 - 2016-07-01 05:46 - 00510464 _____ (Microsoft Corporation) C:\Windows\system32\WlanMediaManager.dll
2016-07-13 23:29 - 2016-07-01 05:46 - 00475648 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BlockedShutdown.dll
2016-07-13 23:29 - 2016-07-01 05:46 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2016-07-13 23:29 - 2016-07-01 05:46 - 00458752 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll
2016-07-13 23:29 - 2016-07-01 05:46 - 00412672 _____ (Microsoft Corporation) C:\Windows\system32\wlanui.dll
2016-07-13 23:29 - 2016-07-01 05:46 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\cdpsvc.dll
2016-07-13 23:29 - 2016-07-01 05:46 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\ListSvc.dll
2016-07-13 23:29 - 2016-07-01 05:46 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\credprovs.dll
2016-07-13 23:29 - 2016-07-01 05:45 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\efswrt.dll
2016-07-13 23:29 - 2016-07-01 05:45 - 00492544 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_StorageSense.dll
2016-07-13 23:29 - 2016-07-01 05:45 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BioFeedback.dll
2016-07-13 23:29 - 2016-07-01 05:45 - 00392192 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2016-07-13 23:29 - 2016-07-01 05:45 - 00387072 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-07-13 23:29 - 2016-07-01 05:45 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.OneCore.dll
2016-07-13 23:29 - 2016-07-01 05:45 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2016-07-13 23:29 - 2016-07-01 05:45 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll
2016-07-13 23:29 - 2016-07-01 05:45 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\VsGraphicsCapture.dll
2016-07-13 23:29 - 2016-07-01 05:44 - 01073664 _____ (Microsoft Corporation) C:\Windows\system32\DXToolsOfflineAnalysis.dll
2016-07-13 23:29 - 2016-07-01 05:44 - 00492544 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.UserAccountsHandlers.dll
2016-07-13 23:29 - 2016-07-01 05:44 - 00484352 _____ (Microsoft Corporation) C:\Windows\system32\DataSenseHandlers.dll
2016-07-13 23:29 - 2016-07-01 05:44 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2016-07-13 23:29 - 2016-07-01 05:44 - 00448000 _____ (Microsoft Corporation) C:\Windows\system32\winipcfile.dll
2016-07-13 23:29 - 2016-07-01 05:44 - 00364032 _____ (Microsoft Corporation) C:\Windows\system32\OneBackupHandler.dll
2016-07-13 23:29 - 2016-07-01 05:44 - 00283648 _____ (Microsoft Corporation) C:\Windows\system32\PlayToReceiver.dll
2016-07-13 23:29 - 2016-07-01 05:44 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2016-07-13 23:29 - 2016-07-01 05:43 - 01294336 _____ (Microsoft Corporation) C:\Windows\system32\wcnwiz.dll
2016-07-13 23:29 - 2016-07-01 05:43 - 01056256 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2016-07-13 23:29 - 2016-07-01 05:43 - 00941568 _____ (Microsoft Corporation) C:\Windows\system32\MiracastReceiver.dll
2016-07-13 23:29 - 2016-07-01 05:43 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2016-07-13 23:29 - 2016-07-01 05:43 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll
2016-07-13 23:29 - 2016-07-01 05:43 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2016-07-13 23:29 - 2016-07-01 05:43 - 00556032 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2016-07-13 23:29 - 2016-07-01 05:43 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\WLanConn.dll
2016-07-13 23:29 - 2016-07-01 05:43 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2016-07-13 23:29 - 2016-07-01 05:43 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\d2d1debug3.dll
2016-07-13 23:29 - 2016-07-01 05:42 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Bluetooth.dll
2016-07-13 23:29 - 2016-07-01 05:42 - 02012672 _____ (Microsoft Corporation) C:\Windows\system32\winmsipc.dll
2016-07-13 23:29 - 2016-07-01 05:42 - 01240064 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2016-07-13 23:29 - 2016-07-01 05:42 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\NMAA.dll
2016-07-13 23:29 - 2016-07-01 05:42 - 00480768 _____ (Microsoft Corporation) C:\Windows\system32\LockAppBroker.dll
2016-07-13 23:29 - 2016-07-01 05:42 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-07-13 23:29 - 2016-07-01 05:41 - 01159168 _____ (Microsoft Corporation) C:\Windows\system32\ApplicationFrame.dll
2016-07-13 23:29 - 2016-07-01 05:41 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-07-13 23:29 - 2016-07-01 05:41 - 00990208 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2016-07-13 23:29 - 2016-07-01 05:41 - 00939520 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2016-07-13 23:29 - 2016-07-01 05:41 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2016-07-13 23:29 - 2016-07-01 05:41 - 00697856 _____ (Microsoft Corporation) C:\Windows\system32\PlayToManager.dll
2016-07-13 23:29 - 2016-07-01 05:41 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\duser.dll
2016-07-13 23:29 - 2016-07-01 05:41 - 00587776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2016-07-13 23:29 - 2016-07-01 05:41 - 00572928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2016-07-13 23:29 - 2016-07-01 05:40 - 02731008 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2016-07-13 23:29 - 2016-07-01 05:40 - 01902592 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-07-13 23:29 - 2016-07-01 05:40 - 01575936 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll
2016-07-13 23:29 - 2016-07-01 05:40 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2016-07-13 23:29 - 2016-07-01 05:40 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2016-07-13 23:29 - 2016-07-01 05:40 - 00496640 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-07-13 23:29 - 2016-07-01 05:39 - 01752576 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-07-13 23:29 - 2016-07-01 05:39 - 01211904 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Cred.dll
2016-07-13 23:29 - 2016-07-01 05:38 - 01671168 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-07-13 23:29 - 2016-07-01 05:38 - 01063936 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2016-07-13 23:29 - 2016-07-01 05:38 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IconCodecService.dll
2016-07-13 23:29 - 2016-07-01 05:37 - 01073152 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2016-07-13 23:29 - 2016-07-01 05:37 - 00865792 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2016-07-13 23:29 - 2016-07-01 05:36 - 03415040 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll
2016-07-13 23:29 - 2016-07-01 05:36 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\winipcsecproc.dll
2016-07-13 23:29 - 2016-07-01 05:35 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2016-07-13 23:29 - 2016-07-01 05:34 - 09919488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-07-13 23:29 - 2016-07-01 05:34 - 03994624 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2016-07-13 23:29 - 2016-07-01 05:34 - 00636928 _____ (Microsoft Corporation) C:\Windows\system32\hgcpl.dll
2016-07-13 23:29 - 2016-07-01 05:34 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppCapture.dll
2016-07-13 23:29 - 2016-07-01 05:33 - 06675968 _____ (Microsoft Corporation) C:\Windows\system32\mspaint.exe
2016-07-13 23:29 - 2016-07-01 05:33 - 02285568 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2016-07-13 23:29 - 2016-07-01 05:33 - 00309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2016-07-13 23:29 - 2016-07-01 05:33 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDShServiceObj.dll
2016-07-13 23:29 - 2016-07-01 05:32 - 02563584 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
2016-07-13 23:29 - 2016-07-01 05:32 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-07-13 23:29 - 2016-07-01 05:31 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\StikyNot.exe
2016-07-13 23:29 - 2016-07-01 05:30 - 03585536 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-07-13 23:29 - 2016-07-01 05:30 - 02635776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2016-07-13 23:29 - 2016-07-01 05:30 - 00849920 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-07-13 23:29 - 2016-07-01 05:30 - 00546816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenterCPL.dll
2016-07-13 23:29 - 2016-07-01 05:30 - 00339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2016-07-13 23:29 - 2016-07-01 05:30 - 00334336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcastdvr.exe
2016-07-13 23:29 - 2016-07-01 05:30 - 00292864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3ui.dll
2016-07-13 23:29 - 2016-07-01 05:30 - 00282624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2016-07-13 23:29 - 2016-07-01 05:29 - 02609664 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2016-07-13 23:29 - 2016-07-01 05:29 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GamePanel.exe
2016-07-13 23:29 - 2016-07-01 05:29 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanui.dll
2016-07-13 23:29 - 2016-07-01 05:29 - 00254976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Picker.dll
2016-07-13 23:29 - 2016-07-01 05:28 - 02876928 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2016-07-13 23:29 - 2016-07-01 05:28 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2016-07-13 23:29 - 2016-07-01 05:28 - 00119296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2016-07-13 23:29 - 2016-07-01 05:27 - 01946112 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2016-07-13 23:29 - 2016-07-01 05:27 - 01729024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-07-13 23:29 - 2016-07-01 05:27 - 00846336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasgcw.dll
2016-07-13 23:29 - 2016-07-01 05:27 - 00559616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.SmartCards.dll
2016-07-13 23:29 - 2016-07-01 05:27 - 00496128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-07-13 23:29 - 2016-07-01 05:27 - 00282624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2016-07-13 23:29 - 2016-07-01 05:27 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-07-13 23:29 - 2016-07-01 05:27 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2016-07-13 23:29 - 2016-07-01 05:27 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToReceiver.dll
2016-07-13 23:29 - 2016-07-01 05:27 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\dmcsps.dll
2016-07-13 23:29 - 2016-07-01 05:26 - 03026944 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-07-13 23:29 - 2016-07-01 05:26 - 01171456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcenter.dll
2016-07-13 23:29 - 2016-07-01 05:26 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2016-07-13 23:29 - 2016-07-01 05:26 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2016-07-13 23:29 - 2016-07-01 05:26 - 00298496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.dll
2016-07-13 23:29 - 2016-07-01 05:25 - 02745856 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll
2016-07-13 23:29 - 2016-07-01 05:25 - 01117184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll
2016-07-13 23:29 - 2016-07-01 05:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-07-13 23:29 - 2016-07-01 05:24 - 01588224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-07-13 23:29 - 2016-07-01 05:24 - 01467392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2016-07-13 23:29 - 2016-07-01 05:24 - 01448960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.3D.dll
2016-07-13 23:29 - 2016-07-01 05:24 - 01390080 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Shell.dll
2016-07-13 23:29 - 2016-07-01 05:24 - 01001984 _____ (Microsoft Corporation) C:\Windows\system32\d3d12SDKLayers.dll
2016-07-13 23:29 - 2016-07-01 05:24 - 00673280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll
2016-07-13 23:29 - 2016-07-01 05:24 - 00405504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2016-07-13 23:29 - 2016-07-01 05:23 - 03695104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2016-07-13 23:29 - 2016-07-01 05:23 - 01526272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-07-13 23:29 - 2016-07-01 05:23 - 00760320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2016-07-13 23:29 - 2016-07-01 05:23 - 00667648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2016-07-13 23:29 - 2016-07-01 05:22 - 00965120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2016-07-13 23:29 - 2016-07-01 05:22 - 00639488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2016-07-13 23:29 - 2016-07-01 05:21 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\RADCUI.dll
2016-07-13 23:29 - 2016-07-01 05:19 - 01582080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2016-07-13 23:29 - 2016-07-01 05:17 - 05323776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-07-13 23:29 - 2016-07-01 05:16 - 02771968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2016-07-13 23:29 - 2016-07-01 05:16 - 01984000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2016-07-13 23:29 - 2016-07-01 05:15 - 04413440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-07-13 23:29 - 2016-07-01 05:15 - 02217984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2016-07-13 23:29 - 2016-07-01 05:15 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguagesCpl.dll
2016-07-13 23:29 - 2016-07-01 05:13 - 01249280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2016-07-13 23:29 - 2016-07-01 05:12 - 00339456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-07-13 23:29 - 2016-07-01 05:09 - 02632192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2016-07-13 23:29 - 2016-07-01 05:08 - 01976832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2016-07-13 23:28 - 2016-07-01 07:30 - 00587456 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-07-13 23:28 - 2016-07-01 06:50 - 00037232 _____ (Microsoft Corporation) C:\Windows\system32\wldp.dll
2016-07-13 23:28 - 2016-07-01 06:49 - 01997328 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-07-13 23:28 - 2016-07-01 06:48 - 01238584 _____ (Microsoft Corporation) C:\Windows\system32\Taskmgr.exe
2016-07-13 23:28 - 2016-07-01 06:45 - 01613664 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-07-13 23:28 - 2016-07-01 06:43 - 03449168 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2016-07-13 23:28 - 2016-07-01 06:43 - 00026408 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-07-13 23:28 - 2016-07-01 06:39 - 01557776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-07-13 23:28 - 2016-07-01 06:38 - 01862008 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2016-07-13 23:28 - 2016-07-01 06:38 - 01083656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe
2016-07-13 23:28 - 2016-07-01 06:38 - 00256192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll
2016-07-13 23:28 - 2016-07-01 06:38 - 00032552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wldp.dll
2016-07-13 23:28 - 2016-07-01 06:35 - 00586208 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-07-13 23:28 - 2016-07-01 06:35 - 00035656 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-07-13 23:28 - 2016-07-01 06:33 - 00566104 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2016-07-13 23:28 - 2016-07-01 06:32 - 01128104 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe
2016-07-13 23:28 - 2016-07-01 06:32 - 00625000 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2016-07-13 23:28 - 2016-07-01 06:32 - 00106928 _____ (Microsoft Corporation) C:\Windows\system32\phoneactivate.exe
2016-07-13 23:28 - 2016-07-01 06:32 - 00078040 _____ (Microsoft Corporation) C:\Windows\system32\Clipc.dll
2016-07-13 23:28 - 2016-07-01 06:23 - 01118208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2016-07-13 23:28 - 2016-07-01 06:23 - 00925576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-07-13 23:28 - 2016-07-01 06:23 - 00709176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2016-07-13 23:28 - 2016-07-01 06:23 - 00451936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2016-07-13 23:28 - 2016-07-01 06:21 - 28851224 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsRaw.dll
2016-07-13 23:28 - 2016-07-01 06:21 - 00376536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.MediaControl.dll
2016-07-13 23:28 - 2016-07-01 06:20 - 21123320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-07-13 23:28 - 2016-07-01 06:20 - 00465760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2016-07-13 23:28 - 2016-07-01 06:19 - 01355336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2016-07-13 23:28 - 2016-07-01 06:19 - 00569752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2016-07-13 23:28 - 2016-07-01 06:18 - 00064584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Clipc.dll
2016-07-13 23:28 - 2016-07-01 06:17 - 01536600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-07-13 23:28 - 2016-07-01 06:12 - 02186864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2016-07-13 23:28 - 2016-07-01 06:12 - 01866104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2016-07-13 23:28 - 2016-07-01 06:11 - 00521152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2016-07-13 23:28 - 2016-07-01 06:10 - 00675064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2016-07-13 23:28 - 2016-07-01 06:07 - 28083144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsRaw.dll
2016-07-13 23:28 - 2016-07-01 06:03 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\MapsCSP.dll
2016-07-13 23:28 - 2016-07-01 05:59 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\MosHostClient.dll
2016-07-13 23:28 - 2016-07-01 05:58 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Speech.Pal.dll
2016-07-13 23:28 - 2016-07-01 05:55 - 00584704 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2016-07-13 23:28 - 2016-07-01 05:55 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\mapsupdatetask.dll
2016-07-13 23:28 - 2016-07-01 05:54 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\MapsBtSvc.dll
2016-07-13 23:28 - 2016-07-01 05:54 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\MosStorage.dll
2016-07-13 23:28 - 2016-07-01 05:53 - 01567744 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2016-07-13 23:28 - 2016-07-01 05:52 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\tzautoupdate.dll
2016-07-13 23:28 - 2016-07-01 05:52 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\moshost.dll
2016-07-13 23:28 - 2016-07-01 05:52 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2016-07-13 23:28 - 2016-07-01 05:52 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2016-07-13 23:28 - 2016-07-01 05:51 - 00361984 _____ (Microsoft Corporation) C:\Windows\system32\bdechangepin.exe
2016-07-13 23:28 - 2016-07-01 05:51 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\AppCapture.dll
2016-07-13 23:28 - 2016-07-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.Search.UriHandler.dll
2016-07-13 23:28 - 2016-07-01 05:50 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2016-07-13 23:28 - 2016-07-01 05:50 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\moshostcore.dll
2016-07-13 23:28 - 2016-07-01 05:50 - 00193024 _____ (Microsoft Corporation) C:\Windows\system32\SimCfg.dll
2016-07-13 23:28 - 2016-07-01 05:48 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2016-07-13 23:28 - 2016-07-01 05:48 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\fhengine.dll
2016-07-13 23:28 - 2016-07-01 05:48 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2016-07-13 23:28 - 2016-07-01 05:48 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2016-07-13 23:28 - 2016-07-01 05:48 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\SimAuth.dll
2016-07-13 23:28 - 2016-07-01 05:47 - 00450048 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll
2016-07-13 23:28 - 2016-07-01 05:47 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvr.exe
2016-07-13 23:28 - 2016-07-01 05:47 - 00394752 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2016-07-13 23:28 - 2016-07-01 05:47 - 00394240 _____ (Microsoft Corporation) C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll
2016-07-13 23:28 - 2016-07-01 05:47 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2016-07-13 23:28 - 2016-07-01 05:47 - 00318976 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll
2016-07-13 23:28 - 2016-07-01 05:47 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2016-07-13 23:28 - 2016-07-01 05:47 - 00174592 _____ (Microsoft Corporation) C:\Windows\system32\easwrt.dll
2016-07-13 23:28 - 2016-07-01 05:46 - 00715776 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2016-07-13 23:28 - 2016-07-01 05:46 - 00469504 _____ (Microsoft Corporation) C:\Windows\system32\fhsettingsprovider.dll
2016-07-13 23:28 - 2016-07-01 05:46 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack_win.dll
2016-07-13 23:28 - 2016-07-01 05:46 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\APHostService.dll
2016-07-13 23:28 - 2016-07-01 05:46 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\ExecModelClient.dll
2016-07-13 23:28 - 2016-07-01 05:46 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2016-07-13 23:28 - 2016-07-01 05:45 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\fhcfg.dll
2016-07-13 23:28 - 2016-07-01 05:45 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\edputil.dll
2016-07-13 23:28 - 2016-07-01 05:45 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2016-07-13 23:28 - 2016-07-01 05:45 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2016-07-13 23:28 - 2016-07-01 05:45 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-07-13 23:28 - 2016-07-01 05:44 - 07977472 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2016-07-13 23:28 - 2016-07-01 05:44 - 01814528 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2016-07-13 23:28 - 2016-07-01 05:44 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2016-07-13 23:28 - 2016-07-01 05:43 - 00992256 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2016-07-13 23:28 - 2016-07-01 05:43 - 00787456 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll
2016-07-13 23:28 - 2016-07-01 05:43 - 00674304 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll
2016-07-13 23:28 - 2016-07-01 05:43 - 00529408 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2016-07-13 23:28 - 2016-07-01 05:43 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\ActivationManager.dll
2016-07-13 23:28 - 2016-07-01 05:43 - 00352256 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2016-07-13 23:28 - 2016-07-01 05:43 - 00334848 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2016-07-13 23:28 - 2016-07-01 05:43 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\WSSync.dll
2016-07-13 23:28 - 2016-07-01 05:42 - 01716736 _____ (Microsoft Corporation) C:\Windows\system32\SRHInproc.dll
2016-07-13 23:28 - 2016-07-01 05:42 - 00965632 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2016-07-13 23:28 - 2016-07-01 05:42 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.Desktop.dll
2016-07-13 23:28 - 2016-07-01 05:42 - 00515072 _____ (Microsoft Corporation) C:\Windows\system32\OneDriveSettingSyncProvider.dll
2016-07-13 23:28 - 2016-07-01 05:41 - 01037824 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2016-07-13 23:28 - 2016-07-01 05:40 - 02103296 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.3D.dll
2016-07-13 23:28 - 2016-07-01 05:40 - 00938496 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2016-07-13 23:28 - 2016-07-01 05:40 - 00896512 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll
2016-07-13 23:28 - 2016-07-01 05:40 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.dll
2016-07-13 23:28 - 2016-07-01 05:39 - 01872896 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2016-07-13 23:28 - 2016-07-01 05:39 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\SettingMonitor.dll
2016-07-13 23:28 - 2016-07-01 05:38 - 06312448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2016-07-13 23:28 - 2016-07-01 05:38 - 01443840 _____ (Microsoft Corporation) C:\Windows\system32\diagperf.dll
2016-07-13 23:28 - 2016-07-01 05:38 - 00961536 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2016-07-13 23:28 - 2016-07-01 05:38 - 00549888 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2016-07-13 23:28 - 2016-07-01 05:37 - 01051648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.dll
2016-07-13 23:28 - 2016-07-01 05:37 - 00638976 _____ (Microsoft Corporation) C:\Windows\system32\ShareHost.dll
2016-07-13 23:28 - 2016-07-01 05:34 - 04170240 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll
2016-07-13 23:28 - 2016-07-01 05:34 - 00205312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oemlicense.dll
2016-07-13 23:28 - 2016-07-01 05:33 - 07200256 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2016-07-13 23:28 - 2016-07-01 05:33 - 06973952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-07-13 23:28 - 2016-07-01 05:32 - 02800128 _____ (Microsoft Corporation) C:\Windows\system32\netshell.dll
2016-07-13 23:28 - 2016-07-01 05:32 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SimCfg.dll
2016-07-13 23:28 - 2016-07-01 05:32 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IdCtrls.dll
2016-07-13 23:28 - 2016-07-01 05:31 - 01385472 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2016-07-13 23:28 - 2016-07-01 05:31 - 00994816 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2016-07-13 23:28 - 2016-07-01 05:31 - 00870400 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2016-07-13 23:28 - 2016-07-01 05:31 - 00290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WmpDui.dll
2016-07-13 23:28 - 2016-07-01 05:30 - 02902528 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2016-07-13 23:28 - 2016-07-01 05:30 - 02066432 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2016-07-13 23:28 - 2016-07-01 05:30 - 00733184 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2016-07-13 23:28 - 2016-07-01 05:29 - 04646912 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
2016-07-13 23:28 - 2016-07-01 05:29 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2016-07-13 23:28 - 2016-07-01 05:29 - 00386560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.WiFiDirect.dll
2016-07-13 23:28 - 2016-07-01 05:29 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-07-13 23:28 - 2016-07-01 05:29 - 00135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DXToolsMonitor.dll
2016-07-13 23:28 - 2016-07-01 05:29 - 00119808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VsGraphicsCapture.dll
2016-07-13 23:28 - 2016-07-01 05:28 - 03577344 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2016-07-13 23:28 - 2016-07-01 05:28 - 02912256 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2016-07-13 23:28 - 2016-07-01 05:28 - 00578048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiaaut.dll
2016-07-13 23:28 - 2016-07-01 05:28 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VsGraphicsExperiment.dll
2016-07-13 23:28 - 2016-07-01 05:28 - 00347648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2016-07-13 23:28 - 2016-07-01 05:28 - 00283136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.BioFeedback.dll
2016-07-13 23:28 - 2016-07-01 05:28 - 00282624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2016-07-13 23:28 - 2016-07-01 05:27 - 07533568 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2016-07-13 23:28 - 2016-07-01 05:27 - 02444800 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2016-07-13 23:28 - 2016-07-01 05:27 - 02280448 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-07-13 23:28 - 2016-07-01 05:27 - 00629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sud.dll
2016-07-13 23:28 - 2016-07-01 05:27 - 00613376 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2016-07-13 23:28 - 2016-07-01 05:27 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipcfile.dll
2016-07-13 23:28 - 2016-07-01 05:27 - 00284160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
2016-07-13 23:28 - 2016-07-01 05:26 - 04533760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VsGraphicsDesktopEngine.exe
2016-07-13 23:28 - 2016-07-01 05:26 - 04445184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VsGraphicsRemoteEngine.exe
2016-07-13 23:28 - 2016-07-01 05:26 - 02597888 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2016-07-13 23:28 - 2016-07-01 05:26 - 01445888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRHInproc.dll
2016-07-13 23:28 - 2016-07-01 05:26 - 00502272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2016-07-13 23:28 - 2016-07-01 05:26 - 00400896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSettingSyncProvider.dll
2016-07-13 23:28 - 2016-07-01 05:26 - 00372224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppBroker.dll
2016-07-13 23:28 - 2016-07-01 05:26 - 00348672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProvDataModel.dll
2016-07-13 23:28 - 2016-07-01 05:25 - 06584320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DXCaptureReplay.dll
2016-07-13 23:28 - 2016-07-01 05:25 - 01508352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmsipc.dll
2016-07-13 23:28 - 2016-07-01 05:25 - 01097216 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2016-07-13 23:28 - 2016-07-01 05:25 - 00984576 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2016-07-13 23:28 - 2016-07-01 05:25 - 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2016-07-13 23:28 - 2016-07-01 05:25 - 00738816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl
2016-07-13 23:28 - 2016-07-01 05:25 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2016-07-13 23:28 - 2016-07-01 05:25 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2016-07-13 23:28 - 2016-07-01 05:25 - 00240640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2016-07-13 23:28 - 2016-07-01 05:24 - 04171264 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-07-13 23:28 - 2016-07-01 05:24 - 01497088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe
2016-07-13 23:28 - 2016-07-01 05:24 - 01487872 _____ (Microsoft Corporation) C:\Windows\system32\SpeechPal.dll
2016-07-13 23:28 - 2016-07-01 05:24 - 00468992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.dll
2016-07-13 23:28 - 2016-07-01 05:23 - 03301376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncCenter.dll
2016-07-13 23:28 - 2016-07-01 05:23 - 02578432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2016-07-13 23:28 - 2016-07-01 05:23 - 01036288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2016-07-13 23:28 - 2016-07-01 05:23 - 00805888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2016-07-13 23:28 - 2016-07-01 05:23 - 00764928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Cred.dll
2016-07-13 23:28 - 2016-07-01 05:23 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShareHost.dll
2016-07-13 23:28 - 2016-07-01 05:23 - 00459776 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-07-13 23:28 - 2016-07-01 05:23 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licensingdiag.exe
2016-07-13 23:28 - 2016-07-01 05:23 - 00184832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingMonitor.dll
2016-07-13 23:28 - 2016-07-01 05:22 - 03053568 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2016-07-13 23:28 - 2016-07-01 05:21 - 04078080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2016-07-13 23:28 - 2016-07-01 05:21 - 01087488 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2016-07-13 23:28 - 2016-07-01 05:21 - 00980480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipcsecproc.dll
2016-07-13 23:28 - 2016-07-01 05:20 - 03555840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe
2016-07-13 23:28 - 2016-07-01 05:20 - 02798080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2016-07-13 23:28 - 2016-07-01 05:20 - 00777728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll
2016-07-13 23:28 - 2016-07-01 05:19 - 06471168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspaint.exe
2016-07-13 23:28 - 2016-07-01 05:19 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2016-07-13 23:28 - 2016-07-01 05:19 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.dll
2016-07-13 23:28 - 2016-07-01 05:19 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2016-07-13 23:28 - 2016-07-01 05:17 - 02155008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-07-13 23:28 - 2016-07-01 05:16 - 02062336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2016-07-13 23:28 - 2016-07-01 05:15 - 03459584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbon.dll
2016-07-13 23:28 - 2016-07-01 05:15 - 02679808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netshell.dll
2016-07-13 23:28 - 2016-07-01 05:15 - 02604032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2016-07-13 23:28 - 2016-07-01 05:15 - 02501632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-07-13 23:28 - 2016-07-01 05:15 - 01799680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2016-07-13 23:28 - 2016-07-01 05:15 - 01626112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2016-07-13 23:28 - 2016-07-01 05:15 - 00574976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hgcpl.dll
2016-07-13 23:28 - 2016-07-01 05:14 - 04759040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2016-07-13 23:28 - 2016-07-01 05:14 - 02680320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2016-07-13 23:28 - 2016-07-01 05:14 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-07-13 23:28 - 2016-07-01 05:14 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2016-07-13 23:28 - 2016-07-01 05:13 - 02849792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
2016-07-13 23:28 - 2016-07-01 05:13 - 02519552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll
2016-07-13 23:28 - 2016-07-01 05:13 - 00835072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2016-07-13 23:28 - 2016-07-01 05:12 - 02179584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll
2016-07-13 23:28 - 2016-07-01 05:11 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2016-07-13 23:28 - 2016-07-01 05:10 - 00746496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d12SDKLayers.dll
2016-07-13 23:28 - 2016-02-09 06:25 - 00304752 _____ (Microsoft Corporation) C:\Windows\system32\systemreset.exe
2016-07-13 23:27 - 2016-07-01 07:30 - 01505984 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-07-13 23:27 - 2016-07-01 07:30 - 01223872 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-07-13 23:27 - 2016-07-01 07:30 - 00559808 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-07-13 23:27 - 2016-07-01 07:30 - 00310464 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-07-13 23:27 - 2016-07-01 07:30 - 00092352 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-07-13 23:27 - 2016-07-01 07:30 - 00050368 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-07-13 23:27 - 2016-07-01 06:49 - 01317640 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-07-13 23:27 - 2016-07-01 06:49 - 01141504 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-07-13 23:27 - 2016-07-01 06:49 - 01030416 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-07-13 23:27 - 2016-07-01 06:49 - 00874968 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-07-13 23:27 - 2016-07-01 06:49 - 00277856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2016-07-13 23:27 - 2016-07-01 06:48 - 02656408 _____ C:\Windows\system32\CoreUIComponents.dll
2016-07-13 23:27 - 2016-07-01 06:33 - 22561256 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-07-13 23:27 - 2016-07-01 06:32 - 06605544 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2016-07-13 23:27 - 2016-07-01 06:32 - 06536256 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2016-07-13 23:27 - 2016-07-01 06:32 - 01040800 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2016-07-13 23:27 - 2016-07-01 06:24 - 01776768 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-07-13 23:27 - 2016-07-01 06:23 - 00511320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-07-13 23:27 - 2016-07-01 06:23 - 00032040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-07-13 23:27 - 2016-07-01 06:21 - 02403168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-07-13 23:27 - 2016-07-01 06:21 - 00957608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-07-13 23:27 - 2016-07-01 06:19 - 00836760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2016-07-13 23:27 - 2016-07-01 06:03 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-07-13 23:27 - 2016-07-01 05:56 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2016-07-13 23:27 - 2016-07-01 05:55 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\LegacyNetUX.dll
2016-07-13 23:27 - 2016-07-01 05:55 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\IconCodecService.dll
2016-07-13 23:27 - 2016-07-01 05:54 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\eappprxy.dll
2016-07-13 23:27 - 2016-07-01 05:52 - 16985088 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2016-07-13 23:27 - 2016-07-01 05:52 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2016-07-13 23:27 - 2016-07-01 05:52 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2016-07-13 23:27 - 2016-07-01 05:51 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\oemlicense.dll
2016-07-13 23:27 - 2016-07-01 05:50 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2016-07-13 23:27 - 2016-07-01 05:50 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\sdrsvc.dll
2016-07-13 23:27 - 2016-07-01 05:50 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\sdshext.dll
2016-07-13 23:27 - 2016-07-01 05:50 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2016-07-13 23:27 - 2016-07-01 05:49 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\LegacyNetUXHost.exe
2016-07-13 23:27 - 2016-07-01 05:48 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2016-07-13 23:27 - 2016-07-01 05:47 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\dot3ui.dll
2016-07-13 23:27 - 2016-07-01 05:47 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseAppMgmtSvc.dll
2016-07-13 23:27 - 2016-07-01 05:47 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\dmdskmgr.dll
2016-07-13 23:27 - 2016-07-01 05:46 - 00565760 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenterCPL.dll
2016-07-13 23:27 - 2016-07-01 05:46 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.WiFiDirect.dll
2016-07-13 23:27 - 2016-07-01 05:46 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll
2016-07-13 23:27 - 2016-07-01 05:45 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Picker.dll
2016-07-13 23:27 - 2016-07-01 05:45 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2016-07-13 23:27 - 2016-07-01 05:45 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\PackageStateRoaming.dll
2016-07-13 23:27 - 2016-07-01 05:44 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\wiaaut.dll
2016-07-13 23:27 - 2016-07-01 05:44 - 00504832 _____ (Microsoft Corporation) C:\Windows\system32\dlnashext.dll
2016-07-13 23:27 - 2016-07-01 05:44 - 00330240 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-07-13 23:27 - 2016-07-01 05:43 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\netcenter.dll
2016-07-13 23:27 - 2016-07-01 05:43 - 01048576 _____ (Microsoft Corporation) C:\Windows\system32\WebcamUi.dll
2016-07-13 23:27 - 2016-07-01 05:43 - 00947200 _____ (Microsoft Corporation) C:\Windows\system32\rasgcw.dll
2016-07-13 23:27 - 2016-07-01 05:43 - 00589824 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs.dll
2016-07-13 23:27 - 2016-07-01 05:43 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\CredProvDataModel.dll
2016-07-13 23:27 - 2016-07-01 05:42 - 00859136 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2016-07-13 23:27 - 2016-07-01 05:42 - 00651776 _____ (Microsoft Corporation) C:\Windows\system32\UserLanguagesCpl.dll
2016-07-13 23:27 - 2016-07-01 05:42 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-07-13 23:27 - 2016-07-01 05:42 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2016-07-13 23:27 - 2016-07-01 05:42 - 00429056 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2016-07-13 23:27 - 2016-07-01 05:42 - 00368128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.dll
2016-07-13 23:27 - 2016-07-01 05:42 - 00286720 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll
2016-07-13 23:27 - 2016-07-01 05:41 - 01847808 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe
2016-07-13 23:27 - 2016-07-01 05:41 - 01001472 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2016-07-13 23:27 - 2016-07-01 05:41 - 00870400 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll
2016-07-13 23:27 - 2016-07-01 05:41 - 00817152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.Search.dll
2016-07-13 23:27 - 2016-07-01 05:41 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2016-07-13 23:27 - 2016-07-01 05:40 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs3D.dll
2016-07-13 23:27 - 2016-07-01 05:40 - 00673280 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2016-07-13 23:27 - 2016-07-01 05:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Speech.Pal.dll
2016-07-13 23:27 - 2016-07-01 05:39 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2016-07-13 23:27 - 2016-07-01 05:39 - 00236032 _____ (Microsoft Corporation) C:\Windows\system32\licensingdiag.exe
2016-07-13 23:27 - 2016-07-01 05:38 - 01291776 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2016-07-13 23:27 - 2016-07-01 05:37 - 00584704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2016-07-13 23:27 - 2016-07-01 05:37 - 00055808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappprxy.dll
2016-07-13 23:27 - 2016-07-01 05:36 - 02445312 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-07-13 23:27 - 2016-07-01 05:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryClient.dll
2016-07-13 23:27 - 2016-07-01 05:36 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryBroker.dll
2016-07-13 23:27 - 2016-07-01 05:34 - 00838144 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2016-07-13 23:27 - 2016-07-01 05:34 - 00040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-07-13 23:27 - 2016-07-01 05:32 - 00583680 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2016-07-13 23:27 - 2016-07-01 05:32 - 00096256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2016-07-13 23:27 - 2016-07-01 05:31 - 00900608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2016-07-13 23:27 - 2016-07-01 05:31 - 00882688 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2016-07-13 23:27 - 2016-07-01 05:31 - 00260096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2016-07-13 23:27 - 2016-07-01 05:31 - 00238592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2016-07-13 23:27 - 2016-07-01 05:31 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
2016-07-13 23:27 - 2016-07-01 05:31 - 00129024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SimAuth.dll
2016-07-13 23:27 - 2016-07-01 05:30 - 01213440 _____ (Microsoft Corporation) C:\Windows\system32\sdengin2.dll
2016-07-13 23:27 - 2016-07-01 05:30 - 00248320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2016-07-13 23:27 - 2016-07-01 05:30 - 00217600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmdskmgr.dll
2016-07-13 23:27 - 2016-07-01 05:30 - 00190464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2016-07-13 23:27 - 2016-07-01 05:30 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2016-07-13 23:27 - 2016-07-01 05:30 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ProximityCommon.dll
2016-07-13 23:27 - 2016-07-01 05:29 - 05123072 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2016-07-13 23:27 - 2016-07-01 05:29 - 00569856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-07-13 23:27 - 2016-07-01 05:29 - 00220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credprovs.dll
2016-07-13 23:27 - 2016-07-01 05:29 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExecModelClient.dll
2016-07-13 23:27 - 2016-07-01 05:28 - 03046400 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
2016-07-13 23:27 - 2016-07-01 05:28 - 00833536 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll
2016-07-13 23:27 - 2016-07-01 05:28 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efswrt.dll
2016-07-13 23:27 - 2016-07-01 05:28 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dlnashext.dll
2016-07-13 23:27 - 2016-07-01 05:28 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edputil.dll
2016-07-13 23:27 - 2016-07-01 05:28 - 00238592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2016-07-13 23:27 - 2016-07-01 05:27 - 04827136 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-07-13 23:27 - 2016-07-01 05:27 - 01226752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcnwiz.dll
2016-07-13 23:27 - 2016-07-01 05:27 - 00655360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DXCap.exe
2016-07-13 23:27 - 2016-07-01 05:27 - 00519168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintDialogs.dll
2016-07-13 23:27 - 2016-07-01 05:27 - 00349696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1debug3.dll
2016-07-13 23:27 - 2016-07-01 05:26 - 01063936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Editing.dll
2016-07-13 23:27 - 2016-07-01 05:26 - 00585216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.AccountsControl.dll
2016-07-13 23:27 - 2016-07-01 05:26 - 00413696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WLanConn.dll
2016-07-13 23:27 - 2016-07-01 05:26 - 00153088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
2016-07-13 23:27 - 2016-07-01 05:25 - 04775424 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-07-13 23:27 - 2016-07-01 05:25 - 01228800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2016-07-13 23:27 - 2016-07-01 05:25 - 00645632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.Search.dll
2016-07-13 23:27 - 2016-07-01 05:25 - 00502784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-07-13 23:27 - 2016-07-01 05:25 - 00482816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\duser.dll
2016-07-13 23:27 - 2016-07-01 05:25 - 00477184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-07-13 23:27 - 2016-07-01 05:24 - 04404736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2016-07-13 23:27 - 2016-07-01 05:24 - 00434688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LogonController.dll
2016-07-13 23:27 - 2016-07-01 05:23 - 00460800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2016-07-13 23:27 - 2016-07-01 05:21 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
2016-07-13 23:27 - 2016-07-01 05:18 - 01448960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dui70.dll
2016-07-13 23:27 - 2016-07-01 05:18 - 00683008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-07-13 23:27 - 2016-07-01 05:13 - 02000896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2016-07-13 23:27 - 2016-07-01 05:11 - 01064960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11_3SDKLayers.dll
2016-07-13 23:27 - 2016-07-01 05:08 - 00879616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll
2016-07-13 23:27 - 2016-07-01 05:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll
2016-07-13 23:27 - 2016-06-28 13:20 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-07-12 20:46 - 2016-07-12 20:46 - 00000000 ____D C:\Program Files (x86)\ESET
2016-07-12 20:45 - 2016-07-12 20:46 - 02870984 _____ (ESET) C:\Users\eva\Downloads\esetsmartinstaller_deu.exe
2016-07-12 01:22 - 2016-07-12 01:22 - 00000000 ____D C:\Users\eva\AppData\Local\Tempzxpsign1353bb735fe760a4
2016-07-12 00:28 - 2016-07-12 01:34 - 00000000 ____D C:\Users\eva\Desktop\frst-logs
2016-07-12 00:06 - 2016-07-14 10:56 - 00000000 ____D C:\Users\eva\Desktop\FRST-OlderVersion
2016-07-10 21:25 - 2016-07-10 21:25 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-07-10 21:25 - 2016-06-29 19:21 - 00111552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-07-10 21:25 - 2016-05-04 04:23 - 00129824 _____ C:\Windows\SysWOW64\vulkan-1.dll
2016-07-10 21:25 - 2016-05-04 04:22 - 00130848 _____ C:\Windows\system32\vulkan-1.dll
2016-07-10 21:25 - 2016-05-04 04:22 - 00045344 _____ C:\Windows\system32\vulkaninfo.exe
2016-07-10 21:25 - 2016-05-04 04:22 - 00040224 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2016-07-10 21:24 - 2016-06-30 00:39 - 00213952 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2016-07-10 21:24 - 2016-06-30 00:39 - 00201664 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 39979576 _____ C:\Windows\system32\nvcompiler.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 35115968 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 31663040 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 25431608 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 17747392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 10680808 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 10656296 _____ C:\Windows\system32\nvptxJitCompiler.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 10224024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 09013792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 08741848 _____ C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 08608120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 02845120 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 02471992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 01922616 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436869.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 01579976 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 01573432 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436869.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00984512 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00909248 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00787384 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00786176 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFThevc.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00771640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00709176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00669952 _____ C:\Windows\system32\nvfatbinaryLoader.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00632848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00631288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFThevc.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00601936 _____ C:\Windows\system32\nvmcumd.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00565208 _____ C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00549424 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00452432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00423360 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00383936 _____ (NVIDIA Corporation) C:\Windows\system32\nvDecMFTMjpeg.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00379808 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00379448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00348216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvDecMFTMjpeg.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00316632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00178136 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00155768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00153232 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00131584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00046024 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2016-07-10 15:17 - 2016-07-10 15:21 - 01610560 _____ (Malwarebytes) C:\Users\eva\Desktop\JRT.exe
2016-07-10 15:05 - 2016-07-10 15:08 - 00000000 ____D C:\AdwCleaner
2016-07-10 15:03 - 2016-07-10 15:04 - 03712064 _____ C:\Users\eva\Desktop\AdwCleaner_5.201.exe
2016-07-10 14:15 - 2016-07-14 15:26 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-07-10 14:15 - 2016-07-10 15:06 - 00001171 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-07-10 14:15 - 2016-07-10 14:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-07-10 14:15 - 2016-07-10 14:15 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-07-10 14:15 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-07-10 14:15 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-07-10 14:15 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-07-10 12:39 - 2016-07-10 12:39 - 00066249 _____ C:\Users\eva\Downloads\FRST.txt
2016-07-10 12:38 - 2016-07-14 10:56 - 02390528 _____ (Farbar) C:\Users\eva\Desktop\FRST64.exe
2016-07-10 04:06 - 2016-07-10 04:06 - 00388608 _____ (Trend Micro Inc.) C:\Users\eva\Downloads\HijackThis.exe
2016-07-10 03:31 - 2016-07-10 03:38 - 00061356 _____ C:\Users\eva\Downloads\Addition.txt
2016-07-10 03:24 - 2016-07-14 15:51 - 00000000 ____D C:\FRST
2016-07-10 03:22 - 2016-07-10 03:22 - 01740288 _____ (Farbar) C:\Users\eva\Downloads\FRST.exe
2016-07-10 03:12 - 2016-07-10 03:12 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-07-10 03:10 - 2016-07-10 03:11 - 22851472 _____ (Malwarebytes ) C:\Users\eva\Downloads\mbam-setup-2.2.1.1043.exe
2016-07-10 01:43 - 2016-07-10 01:43 - 00000000 ____D C:\$SysReset
2016-07-10 00:59 - 2016-07-10 00:59 - 00250912 _____ C:\Windows\SysWOW64\kz.exe
2016-07-10 00:20 - 2016-07-10 00:20 - 00000000 ____D C:\Program Files (x86)\Maxthon
2016-07-10 00:19 - 2016-07-10 00:19 - 00092872 _____ (WinMount International Inc) C:\Windows\system32\Drivers\KuaiZipDrive.sys
2016-07-10 00:18 - 2016-07-10 01:02 - 00000000 ____D C:\Program Files (x86)\GreatMaker
2016-07-10 00:17 - 2016-07-10 01:00 - 00000000 ____D C:\Windows\system32\SSL
2016-07-10 00:14 - 2016-07-10 00:12 - 00001691 _____ C:\Windows\system32\Drivers\etc\hp.bak
2016-07-07 12:52 - 2016-07-07 12:52 - 00000036 _____ C:\Users\eva\Desktop\altephp5.6versionausdemPath.txt
2016-07-07 12:46 - 2016-07-07 12:47 - 06737632 _____ (Advanced Micro Devices) C:\Users\eva\Downloads\amd1560cleanuputility.exe
2016-07-07 11:33 - 2016-07-07 11:33 - 21953914 _____ C:\Users\eva\Downloads\php-7.0.8-nts-Win32-VC14-x86.zip
2016-07-05 18:29 - 2016-07-05 18:29 - 00000967 _____ C:\Users\eva\Desktop\NLP-8-9.Okt-ExplorersKompakt-gewonnen.txt
2016-07-02 00:57 - 2016-07-02 00:57 - 00002133 _____ C:\Users\eva\Desktop\GEDOK-Anforderungen-2.txt
2016-07-01 14:19 - 2016-07-01 20:19 - 00004323 _____ C:\Users\eva\Desktop\gedok-feeds.txt
2016-07-01 14:07 - 2016-07-01 14:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2016-07-01 14:03 - 2016-07-01 14:05 - 113455072 _____ (Oracle Corporation) C:\Users\eva\Downloads\VirtualBox-5.0.24-108355-Win.exe
2016-07-01 13:53 - 2016-07-01 13:54 - 173203674 _____ C:\Users\eva\Downloads\vagrant_1.8.4.msi
2016-06-30 11:18 - 2016-06-30 11:19 - 00000000 ____D C:\Users\eva\Documents\Kurse
2016-06-30 10:06 - 2016-06-30 10:06 - 00028160 _____ C:\Users\eva\Documents\vr-export-wegleitner.xls
2016-06-29 14:31 - 2016-06-29 14:31 - 00002165 _____ C:\Users\eva\Desktop\GEDOK-Anforderungen.txt
2016-06-29 13:48 - 2016-06-29 13:48 - 06569088 _____ (Tim Kosse) C:\Users\eva\Downloads\FileZilla_3.19.0_win64-setup.exe
2016-06-29 12:31 - 2016-07-08 22:07 - 00000000 ____D C:\Users\eva\Documents\GEDOK
2016-06-28 17:21 - 2016-06-28 17:21 - 00192864 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetLwf.sys
2016-06-28 17:21 - 2016-06-28 17:21 - 00119712 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp6.sys
2016-06-28 03:12 - 2016-06-28 03:12 - 00314434 ____N C:\Users\eva\AppData\Roaming\EYapp.apk
2016-06-25 14:37 - 2015-09-01 15:11 - 00049152 _____ () C:\Windows\SysWOW64\LGErrorHandler.dll
2016-06-25 14:35 - 2016-06-25 14:36 - 15210348 _____ C:\Users\eva\Downloads\ScreenSplit_6.55.zip
2016-06-25 14:28 - 2016-07-10 15:06 - 00002358 _____ C:\Users\Public\Desktop\Screen Split.lnk
2016-06-25 14:28 - 2016-06-25 14:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screen Split
2016-06-25 14:28 - 2016-06-25 14:28 - 00000000 ____D C:\Program Files (x86)\LG Electronics
2016-06-25 14:28 - 2015-09-01 15:12 - 00131072 _____ (LG Soft India) C:\Windows\SysWOW64\LGMonitorDDCCISDK.dll
2016-06-25 14:28 - 2015-09-01 15:11 - 00102400 _____ (LG Soft India) C:\Windows\SysWOW64\LGProtocolEngine.dll
2016-06-25 14:28 - 2015-04-13 15:07 - 00019968 _____ C:\Windows\SysWOW64\LGPII2CDriver.sys
2016-06-25 14:28 - 2015-04-13 15:07 - 00016384 _____ (LG Soft India) C:\Windows\SysWOW64\LGI2CDriver.sys
2016-06-25 14:28 - 2014-09-04 09:16 - 00196608 _____ (LG Soft India) C:\Windows\SysWOW64\LGDeviceManager.dll
2016-06-24 21:26 - 2016-06-24 21:35 - 00002928 _____ C:\Users\eva\Desktop\gedok-web-ssl-undnewsletter-umbau.txt
2016-06-24 20:08 - 2016-06-24 20:08 - 00002215 _____ C:\Users\eva\Desktop\windows-mobile-email-einrichtungs-anleitung-STRATO.txt
2016-06-24 17:17 - 2016-06-24 17:17 - 00023739 _____ C:\Users\eva\Downloads\2016-06-23_RE14669838.pdf
2016-06-24 17:17 - 2016-06-24 17:17 - 00023739 _____ C:\Users\eva\Downloads\2016-06-23_RE14669838 (2).pdf
2016-06-24 17:17 - 2016-06-24 17:17 - 00023739 _____ C:\Users\eva\Downloads\2016-06-23_RE14669838 (1).pdf
2016-06-24 16:49 - 2016-06-24 16:49 - 00002798 _____ C:\Users\eva\Desktop\confirmation.htm
2016-06-23 20:09 - 2016-06-23 20:09 - 00003584 _____ C:\Users\eva\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-06-23 11:09 - 2016-06-23 11:09 - 00000129 _____ C:\Users\eva\Desktop\gedok-katalog-text.txt
2016-06-21 16:15 - 2016-07-10 15:06 - 00001229 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CC 2015.3.lnk
2016-06-21 16:08 - 2016-07-10 15:06 - 00001217 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2015.3.lnk
2016-06-21 15:58 - 2016-06-21 15:58 - 00000000 ____D C:\Users\eva\Desktop\Painting and Classic Frames
2016-06-21 15:54 - 2016-07-10 15:06 - 00001151 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.5.lnk
2016-06-21 01:29 - 2016-06-21 01:29 - 00052301 _____ C:\Users\eva\Desktop\DHLReturnLabel.pdf
2016-06-21 01:27 - 2016-06-21 01:27 - 00048159 _____ C:\Users\eva\Desktop\DHL_Collection_Details_de.pdf
2016-06-21 01:21 - 2016-06-21 01:21 - 00040845 _____ C:\Users\eva\Desktop\basisband-*****-ENR0105493.pdf
2016-06-21 01:20 - 2016-06-21 01:20 - 00037547 _____ C:\Users\eva\Downloads\*****-ENR0105493.pdf
2016-06-18 17:22 - 2016-06-18 17:22 - 06140101 _____ C:\Users\eva\Downloads\dict-en.oxt
2016-06-18 17:19 - 2016-06-18 17:19 - 00023300 _____ C:\Users\eva\Downloads\OutlookContacts.csv
2016-06-18 17:19 - 2016-06-18 17:19 - 00023300 _____ C:\Users\eva\Downloads\OutlookContacts (1).csv
2016-06-18 17:05 - 2016-06-18 17:05 - 00042768 _____ C:\Users\eva\Downloads\google.csv
2016-06-14 20:09 - 2016-05-28 06:57 - 01594416 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-06-14 20:09 - 2016-05-28 06:57 - 01372312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-06-14 20:09 - 2016-05-28 06:29 - 00045568 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-06-14 20:09 - 2016-05-28 06:17 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\MessagingDataModel2.dll
2016-06-14 20:09 - 2016-05-28 06:14 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MessagingDataModel2.dll
2016-06-14 20:09 - 2016-05-28 06:00 - 01707520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActiveSyncProvider.dll
2016-06-14 20:09 - 2016-05-28 05:58 - 01996288 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncProvider.dll
2016-06-14 20:08 - 2016-05-28 07:25 - 04268880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2016-06-14 20:08 - 2016-05-28 07:23 - 00388384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-06-14 20:08 - 2016-05-28 07:23 - 00312160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-06-14 20:08 - 2016-05-28 07:22 - 04387680 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2016-06-14 20:08 - 2016-05-28 07:22 - 00428896 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2016-06-14 20:08 - 2016-05-28 07:22 - 00211296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2016-06-14 20:08 - 2016-05-28 07:22 - 00118624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2016-06-14 20:08 - 2016-05-28 07:20 - 00430312 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-06-14 20:08 - 2016-05-28 07:18 - 00357216 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-06-14 20:08 - 2016-05-28 07:09 - 00501600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2016-06-14 20:08 - 2016-05-28 07:09 - 00170848 _____ (Microsoft Corporation) C:\Windows\system32\NetworkUXBroker.exe
2016-06-14 20:08 - 2016-05-28 07:09 - 00084832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupApi.dll
2016-06-14 20:08 - 2016-05-28 07:08 - 00693600 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2016-06-14 20:08 - 2016-05-28 07:08 - 00258912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ufx01000.sys
2016-06-14 20:08 - 2016-05-28 07:08 - 00115040 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupApi.dll
2016-06-14 20:08 - 2016-05-28 07:04 - 00431296 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-06-14 20:08 - 2016-05-28 07:04 - 00360480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-06-14 20:08 - 2016-05-28 07:04 - 00111064 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2016-06-14 20:08 - 2016-05-28 07:04 - 00097096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2016-06-14 20:08 - 2016-05-28 07:03 - 00131248 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-06-14 20:08 - 2016-05-28 06:58 - 00379232 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-06-14 20:08 - 2016-05-28 06:57 - 02548944 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-06-14 20:08 - 2016-05-28 06:57 - 02195632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-06-14 20:08 - 2016-05-28 06:57 - 00636304 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2016-06-14 20:08 - 2016-05-28 06:57 - 00546456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2016-06-14 20:08 - 2016-05-28 06:57 - 00316256 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-06-14 20:08 - 2016-05-28 06:35 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\tdlrecover.exe
2016-06-14 20:08 - 2016-05-28 06:35 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsdport.sys
2016-06-14 20:08 - 2016-05-28 06:31 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdlrecover.exe
2016-06-14 20:08 - 2016-05-28 06:29 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\VSD3DWARP12Debug.dll
2016-06-14 20:08 - 2016-05-28 06:29 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2016-06-14 20:08 - 2016-05-28 06:29 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\httpprxp.dll
2016-06-14 20:08 - 2016-05-28 06:28 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-06-14 20:08 - 2016-05-28 06:28 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-06-14 20:08 - 2016-05-28 06:26 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2016-06-14 20:08 - 2016-05-28 06:26 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\dmcertinst.exe
2016-06-14 20:08 - 2016-05-28 06:26 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe
2016-06-14 20:08 - 2016-05-28 06:25 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\VSD3DWARPDebug.dll
2016-06-14 20:08 - 2016-05-28 06:25 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VSD3DWARP12Debug.dll
2016-06-14 20:08 - 2016-05-28 06:25 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.dll
2016-06-14 20:08 - 2016-05-28 06:25 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-06-14 20:08 - 2016-05-28 06:24 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Ndu.sys
2016-06-14 20:08 - 2016-05-28 06:24 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-06-14 20:08 - 2016-05-28 06:24 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2016-06-14 20:08 - 2016-05-28 06:24 - 00053760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-06-14 20:08 - 2016-05-28 06:23 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2016-06-14 20:08 - 2016-05-28 06:23 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2016-06-14 20:08 - 2016-05-28 06:22 - 00278528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-06-14 20:08 - 2016-05-28 06:22 - 00163328 _____ (Microsoft Corporation) C:\Windows\system32\tetheringservice.dll
2016-06-14 20:08 - 2016-05-28 06:22 - 00161280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe
2016-06-14 20:08 - 2016-05-28 06:22 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-06-14 20:08 - 2016-05-28 06:21 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2016-06-14 20:08 - 2016-05-28 06:21 - 00239104 _____ (Microsoft Corporation) C:\Windows\system32\BrokerLib.dll
2016-06-14 20:08 - 2016-05-28 06:21 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2016-06-14 20:08 - 2016-05-28 06:21 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2016-06-14 20:08 - 2016-05-28 06:21 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VSD3DWARPDebug.dll
2016-06-14 20:08 - 2016-05-28 06:21 - 00042496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.dll
2016-06-14 20:08 - 2016-05-28 06:20 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\newdev.dll
2016-06-14 20:08 - 2016-05-28 06:20 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-06-14 20:08 - 2016-05-28 06:20 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2016-06-14 20:08 - 2016-05-28 06:20 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\GnssAdapter.dll
2016-06-14 20:08 - 2016-05-28 06:20 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Privacy.dll
2016-06-14 20:08 - 2016-05-28 06:20 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2016-06-14 20:08 - 2016-05-28 06:19 - 00567808 _____ (Microsoft Corporation) C:\Windows\system32\MBMediaManager.dll
2016-06-14 20:08 - 2016-05-28 06:19 - 00355840 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2016-06-14 20:08 - 2016-05-28 06:19 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2016-06-14 20:08 - 2016-05-28 06:18 - 00678912 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2016-06-14 20:08 - 2016-05-28 06:18 - 00610816 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2016-06-14 20:08 - 2016-05-28 06:18 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2016-06-14 20:08 - 2016-05-28 06:18 - 00392192 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-06-14 20:08 - 2016-05-28 06:18 - 00380416 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2016-06-14 20:08 - 2016-05-28 06:18 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\VEEventDispatcher.dll
2016-06-14 20:08 - 2016-05-28 06:17 - 00963072 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2016-06-14 20:08 - 2016-05-28 06:17 - 00485888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\newdev.dll
2016-06-14 20:08 - 2016-05-28 06:17 - 00415232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StoreAgent.dll
2016-06-14 20:08 - 2016-05-28 06:17 - 00278016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2016-06-14 20:08 - 2016-05-28 06:17 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\mdmmigrator.dll
2016-06-14 20:08 - 2016-05-28 06:16 - 00690176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-06-14 20:08 - 2016-05-28 06:16 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-06-14 20:08 - 2016-05-28 06:16 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\AppContracts.dll
2016-06-14 20:08 - 2016-05-28 06:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\tileobjserver.dll
2016-06-14 20:08 - 2016-05-28 06:16 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-06-14 20:08 - 2016-05-28 06:16 - 00291328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-06-14 20:08 - 2016-05-28 06:16 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2016-06-14 20:08 - 2016-05-28 06:15 - 00794624 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-06-14 20:08 - 2016-05-28 06:15 - 00579072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2016-06-14 20:08 - 2016-05-28 06:15 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2016-06-14 20:08 - 2016-05-28 06:15 - 00293888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2016-06-14 20:08 - 2016-05-28 06:15 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-06-14 20:08 - 2016-05-28 06:14 - 03292672 _____ (Microsoft Corporation) C:\Windows\system32\d3d12warp.dll
2016-06-14 20:08 - 2016-05-28 06:14 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VEEventDispatcher.dll
2016-06-14 20:08 - 2016-05-28 06:14 - 00200192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2016-06-14 20:08 - 2016-05-28 06:13 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2016-06-14 20:08 - 2016-05-28 06:13 - 00467456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppContracts.dll
2016-06-14 20:08 - 2016-05-28 06:12 - 00614400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-06-14 20:08 - 2016-05-28 06:12 - 00521728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-06-14 20:08 - 2016-05-28 06:11 - 02470912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d12warp.dll
2016-06-14 20:08 - 2016-05-28 06:11 - 00890368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2016-06-14 20:08 - 2016-05-28 06:11 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2016-06-14 20:08 - 2016-05-28 06:06 - 01339904 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-06-14 20:08 - 2016-05-28 06:04 - 00555520 _____ (Microsoft Corporation) C:\Windows\system32\SyncController.dll
2016-06-14 20:08 - 2016-05-28 06:04 - 00450560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncController.dll
2016-06-14 20:08 - 2016-05-28 06:03 - 01185280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationFramework.dll
2016-06-14 20:08 - 2016-05-28 06:03 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\internetmail.dll
2016-06-14 20:08 - 2016-05-28 06:03 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
2016-06-14 20:08 - 2016-05-28 06:02 - 01534464 _____ (Microsoft Corporation) C:\Windows\system32\LocationFramework.dll
2016-06-14 20:08 - 2016-05-28 06:02 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2016-06-14 20:08 - 2016-05-28 06:01 - 00111104 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2016-06-14 20:08 - 2016-05-28 06:00 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll
2016-06-14 20:08 - 2016-05-28 06:00 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2016-06-14 20:08 - 2016-05-28 06:00 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2016-06-14 20:08 - 2016-05-28 05:59 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2016-06-14 20:08 - 2016-05-28 05:53 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\ngcpopkeysrv.dll
2016-06-14 19:50 - 2016-07-10 15:06 - 00001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2016-06-14 19:50 - 2016-07-10 15:06 - 00001214 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk

====================
ENde Teil1
====================
         

Alt 14.07.2016, 15:16   #12
quincycato
 
MPC Cleaner läßt sich nicht deinstallieren + Browser Umleitungen - windows 10 - Standard

MPC Cleaner läßt sich nicht deinstallieren + Browser Umleitungen - windows 10



Folgt Teil 2 vom FRST.txt
Code:
ATTFilter
====================
Teil2
====================


==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-07-14 15:38 - 2016-02-27 23:28 - 00001144 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-14 15:26 - 2016-02-27 23:22 - 01909068 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-14 15:26 - 2015-10-30 20:35 - 00817138 _____ C:\Windows\system32\perfh007.dat
2016-07-14 15:26 - 2015-10-30 20:35 - 00172644 _____ C:\Windows\system32\perfc007.dat
2016-07-14 15:26 - 2015-10-30 09:21 - 00000000 ____D C:\Windows\INF
2016-07-14 15:21 - 2016-02-27 23:28 - 00000000 ____D C:\Program Files (x86)\Google
2016-07-14 15:20 - 2016-06-07 20:07 - 00000000 ___RD C:\Users\eva\iCloudDrive
2016-07-14 15:20 - 2016-02-28 00:03 - 00000000 ___RD C:\Users\eva\Creative Cloud Files
2016-07-14 15:20 - 2016-02-28 00:03 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-07-14 15:20 - 2016-02-27 23:58 - 00000000 ____D C:\Users\eva\AppData\Local\Adobe
2016-07-14 15:20 - 2016-02-27 23:28 - 00001140 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-14 15:20 - 2016-02-27 23:22 - 00000000 ___RD C:\Users\eva\OneDrive
2016-07-14 15:20 - 2016-02-27 23:16 - 00000000 ____D C:\Users\eva
2016-07-14 15:19 - 2016-05-24 19:25 - 00000000 ____D C:\Program Files\Google
2016-07-14 15:19 - 2016-05-24 19:19 - 00000000 ____D C:\ProgramData\NVIDIA
2016-07-14 15:19 - 2016-02-27 23:14 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-14 15:19 - 2015-10-30 08:28 - 00786432 ___SH C:\Windows\system32\config\BBI
2016-07-14 15:14 - 2016-02-27 23:28 - 00000000 ____D C:\Users\eva\AppData\Local\Google
2016-07-14 14:56 - 2016-03-05 16:08 - 00004166 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{42188E08-F75C-4F15-BB9B-3934F8C818AA}
2016-07-14 14:30 - 2016-03-03 18:40 - 00000000 ____D C:\Users\eva\AppData\Local\CrashDumps
2016-07-14 14:22 - 2016-02-27 23:20 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-07-14 14:19 - 2015-10-30 20:47 - 00000000 ____D C:\Program Files\Windows Journal
2016-07-14 14:19 - 2015-10-30 09:24 - 00000000 ___RD C:\Windows\PrintDialog
2016-07-14 14:19 - 2015-10-30 09:24 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2016-07-14 14:19 - 2015-10-30 09:24 - 00000000 ___RD C:\Windows\DevicesFlow
2016-07-14 14:19 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\system32\oobe
2016-07-14 14:19 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\system32\appraiser
2016-07-14 14:19 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\Provisioning
2016-07-14 14:19 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-07-14 14:19 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\bcastdvr
2016-07-14 14:19 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-07-14 14:19 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Defender
2016-07-14 14:19 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-07-14 14:19 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-07-14 09:18 - 2016-02-28 14:25 - 00000000 ____D C:\Windows\system32\MRT
2016-07-14 09:18 - 2015-10-30 09:11 - 00000000 ____D C:\Windows\CbsTemp
2016-07-14 09:14 - 2016-02-28 14:25 - 144749672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-07-13 23:08 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-13 23:08 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\AppReadiness
2016-07-12 20:41 - 2016-03-03 15:54 - 00000000 ____D C:\Users\eva\AppData\Local\Deployment
2016-07-12 19:36 - 2016-02-28 19:32 - 00007133 _____ C:\Users\eva\.bash_history
2016-07-12 19:35 - 2016-02-28 19:27 - 00000000 ____D C:\Users\eva\.vagrant.d
2016-07-12 18:41 - 2016-02-28 14:05 - 00000000 ____D C:\Users\eva\.VirtualBox
2016-07-12 18:40 - 2016-03-02 14:39 - 00001346 _____ C:\Users\eva\Desktop\homestead        vagrant up.lnk
2016-07-12 01:05 - 2016-04-04 11:00 - 00000000 ____D C:\Users\eva\Documents\sonstigeDokumente
2016-07-12 00:22 - 2016-02-28 12:24 - 00004562 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-07-10 21:25 - 2016-05-24 19:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-07-10 21:25 - 2016-05-24 19:19 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-07-10 21:18 - 2016-05-24 19:33 - 00001456 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-07-10 15:06 - 2016-06-09 15:07 - 00001056 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2015.lnk
2016-07-10 15:06 - 2016-06-09 15:02 - 00001063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015.lnk
2016-07-10 15:06 - 2016-06-07 19:49 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-07-10 15:06 - 2016-05-29 21:56 - 00000735 _____ C:\Users\Public\Desktop\Astroplus Dokumentation.lnk
2016-07-10 15:06 - 2016-05-25 02:04 - 00000746 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sublime Text 3.lnk
2016-07-10 15:06 - 2016-05-25 01:10 - 00000941 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2016-07-10 15:06 - 2016-05-25 01:10 - 00000941 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2016-07-10 15:06 - 2016-05-24 19:34 - 00001291 _____ C:\Users\Public\Desktop\XSplit Gamecaster.lnk
2016-07-10 15:06 - 2016-05-24 19:33 - 00001140 _____ C:\Users\Public\Desktop\ASUS GPU TweakII.lnk
2016-07-10 15:06 - 2016-04-17 12:43 - 00000935 _____ C:\Users\Public\Desktop\ElsterFormular.lnk
2016-07-10 15:06 - 2016-04-06 13:32 - 00001079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom.lnk
2016-07-10 15:06 - 2016-03-27 18:06 - 00000802 _____ C:\Users\Public\Desktop\IrfanView Thumbnails.lnk
2016-07-10 15:06 - 2016-03-27 18:06 - 00000718 _____ C:\Users\Public\Desktop\IrfanView.lnk
2016-07-10 15:06 - 2016-03-19 19:40 - 00000780 _____ C:\Users\Public\Desktop\PuTTY.lnk
2016-07-10 15:06 - 2016-03-19 15:26 - 00000878 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk
2016-07-10 15:06 - 2016-03-19 15:26 - 00000794 _____ C:\Users\Public\Desktop\WinSCP.lnk
2016-07-10 15:06 - 2016-03-04 00:59 - 00000823 _____ C:\Users\Public\Desktop\OpenOffice 4.1.2.lnk
2016-07-10 15:06 - 2016-03-03 00:54 - 00000961 _____ C:\Users\Public\Desktop\FileZilla Client.lnk
2016-07-10 15:06 - 2016-02-29 01:22 - 00002697 _____ C:\Users\Public\Desktop\VR-NetWorld.lnk
2016-07-10 15:06 - 2016-02-28 15:45 - 00000847 _____ C:\Users\Public\Desktop\Git Bash.lnk
2016-07-10 15:06 - 2016-02-28 14:05 - 00000799 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2016-07-10 15:06 - 2016-02-28 12:24 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2016-07-10 15:06 - 2016-02-28 12:24 - 00002120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2016-07-10 15:06 - 2016-02-28 12:24 - 00002091 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2016-07-10 15:06 - 2016-02-28 00:53 - 00001123 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign CC 2015.lnk
2016-07-10 15:05 - 2016-06-09 19:01 - 00002080 _____ C:\Users\eva\Desktop\Windows Software Development Kit.lnk
2016-07-10 15:05 - 2016-05-25 12:48 - 00002057 _____ C:\Users\eva\Desktop\Willkommen zur ASUS Produktregistrierung.lnk
2016-07-10 15:05 - 2016-05-13 19:36 - 00001205 _____ C:\Users\eva\Desktop\sublime text 3.lnk
2016-07-10 15:05 - 2016-05-07 17:04 - 00001475 _____ C:\Users\eva\Desktop\PhpStorm EAP.lnk
2016-07-10 15:05 - 2016-04-06 13:32 - 00001067 _____ C:\Users\eva\Desktop\Adobe Lightroom.lnk
2016-07-10 15:05 - 2016-04-04 12:31 - 00001188 _____ C:\Users\eva\Desktop\AllDupPortable.lnk
2016-07-10 15:05 - 2016-03-17 22:09 - 00001421 _____ C:\Users\eva\Desktop\PhpStorm 2016.1.lnk
2016-07-10 15:05 - 2016-03-05 00:21 - 00001357 _____ C:\Users\eva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\toast.lnk
2016-07-10 15:05 - 2016-02-29 01:17 - 00001111 _____ C:\Users\eva\Desktop\Steuer_FA_Bank.lnk
2016-07-10 15:05 - 2016-02-29 01:15 - 00001240 _____ C:\Users\eva\Desktop\locate32.lnk
2016-07-10 15:05 - 2016-02-28 12:10 - 00000789 _____ C:\Users\eva\Desktop\astrolog.lnk
2016-07-10 15:05 - 2016-02-27 23:22 - 00002383 _____ C:\Users\eva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-07-10 14:57 - 2016-03-03 15:54 - 00000000 ____D C:\Users\eva\AppData\Local\Apps\2.0
2016-07-10 14:57 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\System
2016-07-10 14:34 - 2016-03-03 00:54 - 00000000 ____D C:\Users\eva\AppData\Roaming\FileZilla
2016-07-09 21:22 - 2016-04-15 18:30 - 00000000 ____D C:\Users\eva\AppData\Roaming\vlc
2016-07-09 21:20 - 2016-02-27 23:20 - 00000000 ____D C:\Users\eva\AppData\Local\Packages
2016-07-08 20:14 - 2016-03-04 23:31 - 00000000 ____D C:\Users\eva\AppData\Local\Composer
2016-07-08 14:46 - 2016-02-28 15:17 - 00000000 ____D C:\Users\eva\AppData\Roaming\Composer
2016-07-07 13:55 - 2016-05-19 19:51 - 00000000 ____D C:\Users\eva\Documents\KunstKateVolksdorf
2016-07-07 11:46 - 2016-02-28 14:45 - 00000000 ____D C:\php
2016-07-07 02:39 - 2016-02-28 14:27 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-07-05 09:16 - 2016-02-29 01:06 - 00000000 ____D C:\Users\Public\Documents\VR-NetWorld
2016-07-02 06:37 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-07-02 06:37 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-01 07:09 - 2015-10-30 10:13 - 00400310 __RSH C:\bootmgr
2016-07-01 07:05 - 2016-02-27 23:14 - 02718208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2016-07-01 05:13 - 2015-11-10 03:15 - 13617096 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-06-30 00:39 - 2016-05-24 19:26 - 03814512 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-06-30 00:39 - 2015-11-10 03:17 - 20393528 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-06-30 00:39 - 2015-11-10 03:14 - 00214592 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2016-06-30 00:39 - 2015-11-10 03:13 - 17445096 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-06-30 00:39 - 2015-11-10 03:13 - 14472848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-06-30 00:39 - 2015-11-10 03:09 - 03374720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-06-30 00:39 - 2015-11-10 01:12 - 00040084 _____ C:\Windows\system32\nvinfo.pb
2016-06-29 19:50 - 2016-05-24 20:51 - 00534072 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-06-29 19:50 - 2016-05-24 20:51 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-06-29 19:50 - 2016-05-24 19:19 - 06363072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-06-29 19:50 - 2016-05-24 19:19 - 02455608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-06-29 19:50 - 2016-05-24 19:19 - 01764408 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-06-29 19:50 - 2016-05-24 19:19 - 01352760 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-06-29 19:50 - 2016-05-24 19:19 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-06-29 19:50 - 2016-05-24 19:19 - 00071224 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-06-29 13:49 - 2016-03-03 00:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2016-06-28 17:21 - 2016-02-28 14:05 - 00917032 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2016-06-28 17:21 - 2016-02-28 14:05 - 00143568 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2016-06-25 17:58 - 2016-06-07 22:32 - 00000000 ____D C:\Users\eva\Documents\adressen
2016-06-25 14:28 - 2016-02-29 01:22 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-06-23 18:29 - 2016-02-28 00:11 - 00000000 ____D C:\Users\eva\Documents\Adobe
2016-06-23 18:29 - 2016-02-27 23:20 - 00000000 ____D C:\Users\eva\AppData\Roaming\Adobe
2016-06-23 10:06 - 2016-03-31 16:50 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2016-06-22 22:58 - 2016-04-21 21:39 - 00000000 ____D C:\Program Files (x86)\TomTom
2016-06-22 22:57 - 2016-04-21 21:42 - 54989144 _____ C:\Users\eva\Downloads\TomTomMySportsConnectInstaller.exe
2016-06-22 17:16 - 2016-05-24 19:19 - 07208075 _____ C:\Windows\system32\nvcoproc.bin
2016-06-21 16:17 - 2016-02-28 00:09 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-06-21 16:17 - 2016-02-28 00:09 - 00000000 ____D C:\Program Files\Adobe
2016-06-17 23:48 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\rescache
2016-06-17 23:24 - 2016-03-26 15:49 - 00000000 ____D C:\Users\eva\Downloads\bootstrap-3.3.6-dist
2016-06-15 00:31 - 2016-02-27 23:11 - 04890512 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-15 00:26 - 2015-10-30 09:24 - 00000000 ___SD C:\Windows\system32\DiagSvcs
2016-06-15 00:26 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2016-06-14 22:01 - 2016-05-24 20:46 - 00112216 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-06-14 22:01 - 2016-05-24 19:33 - 01767944 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-06-14 22:01 - 2016-05-24 19:33 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-06-14 22:01 - 2016-05-24 19:32 - 01377800 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-06-14 22:01 - 2016-05-24 19:32 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-06-14 19:50 - 2016-02-28 00:01 - 00000000 ____D C:\Program Files (x86)\Adobe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2010-08-28 22:43 - 2010-08-28 22:43 - 0096256 ____N (Google, inc) C:\Users\eva\AppData\Roaming\AdbWinApi.dll
2010-08-28 22:43 - 2010-08-28 22:43 - 0060928 ____N (Google, inc) C:\Users\eva\AppData\Roaming\AdbWinUsbApi.dll
2016-06-28 03:12 - 2016-06-28 03:12 - 0314434 ____N () C:\Users\eva\AppData\Roaming\EYapp.apk
2016-03-19 15:33 - 2016-03-19 20:23 - 0000600 _____ () C:\Users\eva\AppData\Roaming\winscp.rnd
2016-06-23 20:09 - 2016-06-23 20:09 - 0003584 _____ () C:\Users\eva\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-03-19 14:25 - 2016-04-22 23:48 - 0000600 _____ () C:\Users\eva\AppData\Local\PUTTY.RND
2016-03-20 21:05 - 2016-03-20 21:05 - 0000057 _____ () C:\ProgramData\Ament.ini

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-07-14 09:11

==================== Ende von FRST.txt ============================
         
und der addition.txt
am Stück
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 13-07-2016 02
durchgeführt von eva (2016-07-14 15:51:52)
Gestartet von C:\Users\eva\Desktop
Windows 10 Pro Version 1511 (X64) (2016-02-27 21:15:50)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1764389191-2749221916-298074052-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1764389191-2749221916-298074052-503 - Limited - Disabled)
eva (S-1-5-21-1764389191-2749221916-298074052-1001 - Administrator - Enabled) => C:\Users\eva
Gast (S-1-5-21-1764389191-2749221916-298074052-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.7.0.272 - Adobe Systems Incorporated)
Adobe InDesign CC 2015 (HKLM-x32\...\{DBFD0312-6E55-1014-8952-E78D43BC0147}) (Version: 11.4.0.090 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.6 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2015.3 (HKLM-x32\...\AME_10_3_0) (Version: 10.3.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015.5 (HKLM-x32\...\PHSP_17_0) (Version: 17.0.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015.3 (HKLM-x32\...\PPRO_10_3_0) (Version: 10.3.0 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{981F324E-98F4-4784-B76F-04E92039F3F6}) (Version: 5.2.60328.3 - Microsoft Corporation)
Astrocontact Astroplus (HKLM-x32\...\Astrocontact Astroplus Demo_is1) (Version:  - Astrocontact Software)
ASUS GPU TweakII (HKLM-x32\...\InstallShield_{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.0.8.1 - ASUSTek COMPUTER INC.)
ASUS GPU TweakII (x32 Version: 1.0.8.1 - ASUSTek COMPUTER INC.) Hidden
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.026 - ASUSTek Computer Inc.)
Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.51210.80 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build Tools for Windows 10 - ENU (x32 Version: 14.0.25219 - Microsoft Corporation) Hidden
Build Tools for Windows 10 (x32 Version: 14.0.25219 - Microsoft Corporation) Hidden
CodedUITestUAP (x32 Version: 14.0.25219 - Microsoft Corporation) Hidden
Composer - Php Dependency Manager (HKLM-x32\...\{7315AF68-E777-496A-A6A2-4763A98ED35A}_is1) (Version:  - getcomposer.org)
Devenv-Ressourcen für Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Dotfuscator and Analytics Community Edition 5.19.1 (x32 Version: 5.19.1.3091 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack 5.19.1 de-DE (x32 Version: 5.19.1.3091 - PreEmptive Solutions) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 17.3.19290 - Landesfinanzdirektion Thüringen)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
FileZilla Client 3.19.0 (HKLM-x32\...\FileZilla Client) (Version: 3.19.0 - Tim Kosse)
FRITZ!Box USB-Fernanschluss (HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\2db37667170956ee) (Version: 2.3.3.2 - AVM Berlin)
Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2015 Sprachpaket (DEU) - v1.7 (x32 Version: 1.7.40113.5 - Microsoft Corporation) Hidden
Git version 2.7.2 (HKLM\...\Git_is1) (Version: 2.7.2 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
HP Deskjet 3520 series - Grundlegende Software für das Gerät (HKLM\...\{15B2F0E3-3FAC-4495-B0FD-398EECFA4100}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3520 series Hilfe (HKLM-x32\...\{6B953497-169C-4929-9AA9-A9F510347468}) (Version: 27.0.0 - Hewlett Packard)
HP Deskjet 3520 series Setup Guide (HKLM-x32\...\{AEEDCEB7-00B8-4BE1-B492-AB04803D5F1E}) (Version: 27.0.0 - Hewlett Packard)
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version:  - )
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
hppP1100P1560P1600SeriesLaserJetService (x32 Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppusgP1100P1560P1600Series (x32 Version: 1.0.0.1 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
iCloud (HKLM\...\{ADFDB647-35C0-4254-9EE6-2D9C3B7104BD}) (Version: 5.2.1.69 - Apple Inc.)
IDE Tools for Windows 10 - ENU (x32 Version: 14.0.25219 - Microsoft Corporation) Hidden
IDE Tools for Windows 10 (x32 Version: 14.0.25219 - Microsoft Corporation) Hidden
Intellisense Lang Pack Mobile Extension SDK 10.0.10586.0 (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.42 - Irfan Skiljan)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
JetBrains PhpStorm 10.0.3 (HKLM-x32\...\PhpStorm 10.0.3) (Version: 143.1770 - JetBrains s.r.o.)
JetBrains PhpStorm 145.184.39 (HKLM-x32\...\PhpStorm 145.184.39) (Version: 145.184.39 - JetBrains s.r.o.)
JetBrains PhpStorm 2016.1 (HKLM-x32\...\PhpStorm 2016.1) (Version: 145.258.2 - JetBrains s.r.o.)
JetBrains PhpStorm 2016.1.1 (HKLM-x32\...\PhpStorm 2016.1.1) (Version: 145.969.15 - JetBrains s.r.o.)
Kits Configuration Installer (x32 Version: 10.1.10586.212 - Microsoft) Hidden
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25123 - Microsoft Corporation)
Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.25123 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects  (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Transact-SQL ScriptDom  (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 T-SQL Language Service  (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 mit Update 2 (HKLM-x32\...\{f2892dc5-7ac2-4ae4-a296-b5b159f61255}) (Version: 14.0.25123.0 - Microsoft Corporation)
Mit C# erstellte geräteübergreifende Hybrid-Apps - Vorlagen - DEU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.1.0 - Mozilla)
Mozilla Thunderbird 45.1.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.1.0 (x86 de)) (Version: 45.1.0 - Mozilla)
Mozilla Thunderbird 45.2.0 (x86 de) (HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\Mozilla Thunderbird 45.2.0 (x86 de)) (Version: 45.2.0 - Mozilla)
MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.25123 - Microsoft Corporation) Hidden
Node.js (HKLM\...\{7EB9C851-997C-4B84-BE81-D064FA62B0D4}) (Version: 5.10.1 - Node.js Foundation)
NVIDIA 3D Vision Controller-Treiber 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 368.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.69 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA Grafiktreiber 368.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.69 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
OpenOffice 4.1.2 (HKLM-x32\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation)
OpenOffice 4.1.2 Language Pack (German) (HKLM-x32\...\{E0E6DB8D-D2B1-4A0B-A09C-44DBC09BF499}) (Version: 4.12.9782 - Apache Software Foundation)
Oracle VM VirtualBox 5.0.24 (HKLM\...\{BA15D402-19CA-493E-958B-170A0C446F25}) (Version: 5.0.24 - Oracle Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM-x32\...\{3F514FDC-F0F2-3B99-86D6-F7B3A2679B39}) (Version: 4.5.51209 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6 (Deutsch) (HKLM-x32\...\{FACF2669-E25A-428A-9167-5EEDE741F3B9}) (Version: 4.6.00127 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation)
PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Project and Item Templates for Visual Studio Express 2015 for Windows 10 - ENU (x32 Version: 14.0.25219 - Microsoft Corporation) Hidden
Project and Item Templates for Visual Studio Professionald 2015 - ENU (x32 Version: 14.0.25219 - Microsoft Corporation) Hidden
PuTTY release 0.67 (HKLM-x32\...\PuTTY_is1) (Version: 0.67 - Simon Tatham)
Python 3.5.1 (32-bit) (HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\{c39d559b-aa83-4476-ba20-988a35a1199a}) (Version: 3.5.1150.0 - Python Software Foundation)
Python 3.5.1 Add to Path (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Core Interpreter (32-bit debug) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Core Interpreter (32-bit symbols) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Core Interpreter (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Development Libraries (32-bit debug) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Development Libraries (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Documentation (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Executables (32-bit debug) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Executables (32-bit symbols) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Executables (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Launcher (32-bit) (HKLM-x32\...\{17778F7B-FB5A-4A93-9719-D75BAF673498}) (Version: 3.5.150.0 - Python Software Foundation)
Python 3.5.1 pip Bootstrap (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Standard Library (32-bit debug) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Standard Library (32-bit symbols) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Standard Library (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Tcl/Tk Support (32-bit debug) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Tcl/Tk Support (32-bit symbols) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Tcl/Tk Support (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Test Suite (32-bit debug) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Test Suite (32-bit symbols) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Test Suite (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Utility Scripts (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Roslyn Language Services - x86 (x32 Version: 14.0.25123 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (x32 Version: 14.0.25132 - Microsoft Corporation) Hidden
Screen Split (HKLM-x32\...\{7F0C2357-33B0-4408-A9AD-A7623FAA22B1}) (Version: 6.57 - LG Electronics Inc.)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Sublime Text Build 3114 (HKLM\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
Team Explorer for Microsoft Visual Studio 2015 Update 2 (x32 Version: 14.95.25118 - Microsoft) Hidden
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
TypeScript Power Tool (x32 Version: 1.8.9.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.8.31.0 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Redistributable (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Vagrant (HKLM-x32\...\{46269A3F-7DFD-4920-AC45-B598BEA166AA}) (Version: 1.8.4 - HashiCorp)
Visual Studio 2015 Update 2 (KB3022398) (HKLM-x32\...\{78c1b501-a6eb-4f29-88c5-84189564827e}) (Version: 14.0.25123 - Microsoft Corporation)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VR-NetWorld (HKLM-x32\...\{8815F011-43AF-4F50-BBD8-D78ED3D6F5B9}) (Version:  - )
VR-NetWorld Software (HKLM-x32\...\{084798D2-33EF-42CC-A925-970AF222898B}) (Version: 6.00.17 - Volksbanken Raiffeisenbanken)
VS Update core components (x32 Version: 14.0.25123 - Microsoft Corporation) Hidden
vs_update2notification (x32 Version: 14.0.25132 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
WCF Data Services 5.6.4 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
Windows 7 Games for Windows 8 and 10 (HKLM-x32\...\MicrosoftGamesForWin8) (Version: 1.1.0.10 - )
Windows SDK AddOn (HKLM-x32\...\{75C39BA6-1D02-4BEA-844F-0EA6C4B7FA1B}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.10586.212 (HKLM-x32\...\{43d9f43d-c90b-4fdf-9dfe-ecf9990bfa2a}) (Version: 10.1.10586.212 - Microsoft Corporation)
WinRT Intellisense Desktop - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense Xbox Live Extension SDK - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense Xbox Live Extension SDK - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinSCP 5.7.7 (HKLM-x32\...\winscp3_is1) (Version: 5.7.7 - Martin Prikryl)
XSplit Gamecaster (HKLM-x32\...\{8915913F-E4AF-46C5-B4EF-3535D83BFFDE}) (Version: 2.5.1507.3018 - SplitmediaLabs)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1764389191-2749221916-298074052-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\eva\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1764389191-2749221916-298074052-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {2592BE6C-EB83-4210-955F-9EF63AF3AE48} - System32\Tasks\AdobeAAMUpdater-1.0-EVASCOMPUTER-eva => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-05-05] (Adobe Systems Incorporated)
Task: {2C3F4CEB-C0DF-4C22-B512-5BBC28EEF5E5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-27] (Google Inc.)
Task: {3AC0ED25-46DC-4FAC-9DA9-4176A4C9C6BF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-07-14] (Microsoft Corporation)
Task: {7AD13281-AD72-41DF-8929-E21AF802BB5D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-27] (Google Inc.)
Task: {8CD26B33-7E15-4589-916D-13D6DC08231B} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-03-25] (ASUSTek Computer Inc.)
Task: {A0871AE6-A033-4957-87C3-2C5B88791DAC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {AC5538EE-4D21-46A2-927D-4E927DF78F8F} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-*******.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-05-05] (Adobe Systems Incorporated)
Task: {CC3DCC71-59F2-4726-B80F-3C96848A0DBF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {F4C32A4B-B0A7-407C-BF14-4096F856B31C} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => F:\programmie\VisualStudio\Common7\IDE\VSIXAutoUpdate.exe [2016-05-15] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:17 - 2015-10-30 09:17 - 00028672 _____ () C:\Windows\SYSTEM32\efsext.dll
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\Windows\SYSTEM32\ism32k.dll
2016-05-24 19:19 - 2016-06-29 19:50 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-03-24 21:07 - 2012-08-31 16:03 - 00288768 ____N () C:\Windows\System32\HP1100LM.DLL
2016-03-24 21:15 - 2012-08-31 16:02 - 00074240 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HP1100PP.DLL
2015-08-18 22:31 - 2015-08-18 22:31 - 00048640 _____ () C:\Windows\SysWOW64\ASGT.exe
2016-05-24 20:45 - 2016-06-14 22:03 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-05-24 20:45 - 2016-06-14 22:03 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-05-24 20:45 - 2016-06-14 22:03 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-05-24 20:45 - 2016-06-14 22:03 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-05-24 20:45 - 2016-06-14 22:03 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-05-24 20:45 - 2016-06-14 22:03 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-05-24 20:45 - 2016-06-14 22:03 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-05-24 20:45 - 2016-06-14 22:03 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-07-13 23:27 - 2016-07-01 06:48 - 02656408 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-07-13 23:27 - 2016-07-01 06:48 - 02656408 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-05-22 19:33 - 2016-05-22 19:33 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-05-24 17:43 - 2016-05-24 17:43 - 00959168 _____ () C:\Users\eva\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-02-28 15:17 - 2013-11-22 17:10 - 00103880 _____ () C:\Program Files (x86)\ComposerSetup\shellext64.dll
2016-04-19 17:32 - 2016-04-19 17:33 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-02-28 14:24 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-13 23:29 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-07-13 23:27 - 2016-07-01 05:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-13 23:27 - 2016-07-01 05:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-13 23:27 - 2016-07-01 05:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-13 23:27 - 2016-07-01 05:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-05-24 20:45 - 2016-06-14 22:03 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-05-24 20:45 - 2016-06-14 22:03 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-05-22 19:32 - 2016-05-22 19:32 - 31680176 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2016-04-19 17:32 - 2016-04-19 17:33 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 17:32 - 2016-04-19 17:33 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-05-24 19:32 - 2016-06-14 22:03 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-05-24 17:43 - 2016-05-24 17:43 - 00679624 _____ () C:\Users\eva\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2016-06-20 15:16 - 2016-06-20 15:16 - 00016896 _____ () C:\Program Files (x86)\TomTom\MySportsConnect\DeviceDetection.dll
2016-06-20 15:19 - 2016-06-20 15:19 - 01076736 _____ () C:\Program Files (x86)\TomTom\MySportsConnect\ContentManager.dll
2016-06-20 15:16 - 2016-06-20 15:16 - 00019968 _____ () C:\Program Files (x86)\TomTom\MySportsConnect\TomTomSupporterBase.dll
2016-06-20 15:19 - 2016-06-20 15:19 - 00028672 _____ () C:\Program Files (x86)\TomTom\MySportsConnect\QtSolutions_SingleApplication.dll
2016-06-20 15:17 - 2016-06-20 15:17 - 00109568 _____ () C:\Program Files (x86)\TomTom\MySportsConnect\kqoauth.dll
2016-06-20 15:16 - 2016-06-20 15:16 - 00017920 _____ () C:\Program Files (x86)\TomTom\MySportsConnect\TimeParse.dll
2016-04-22 01:08 - 2016-04-22 01:08 - 01047864 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-04-22 01:08 - 2016-04-22 01:08 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 00244024 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-06-03 03:36 - 2016-06-03 03:36 - 40523456 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2015-03-17 02:34 - 2015-03-17 02:34 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\de_de\acrotray.deu
2016-06-27 17:22 - 2016-06-27 17:22 - 00048816 _____ () F:\programme\FileZilla FTP Client\fzshellext.dll
2016-06-08 00:10 - 2016-06-08 00:10 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2016-06-08 00:10 - 2016-06-08 00:10 - 00205824 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2016-06-08 00:10 - 2016-06-08 00:10 - 00117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2016-06-08 00:10 - 2016-06-08 00:10 - 00125440 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2016-06-08 00:41 - 2016-06-08 00:41 - 00098496 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2016-06-08 00:10 - 2016-06-08 00:10 - 00166400 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2016-05-20 17:30 - 2016-05-20 17:30 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\fs-ext\build\Release\fs-ext.node
2016-05-20 17:30 - 2016-05-20 17:30 - 00121344 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ref\build\Release\binding.node
2016-05-20 17:31 - 2016-05-20 17:31 - 00126464 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ffi\build\Release\ffi_bindings.node
2016-05-20 17:31 - 2016-05-20 17:31 - 00223232 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2016-06-03 03:20 - 2016-06-03 03:20 - 00098496 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2016-05-20 17:30 - 2016-05-20 17:30 - 00121856 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\bufferutil\build\Release\bufferutil.node
2016-05-20 17:29 - 2016-05-20 17:29 - 00166400 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\idle-gc\build\Release\idle-gc.node
2016-07-14 15:21 - 2016-06-23 17:08 - 01747784 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.106\libglesv2.dll
2016-07-14 15:21 - 2016-06-23 17:07 - 00093512 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.106\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-10-30 09:24 - 2016-07-10 02:50 - 00001331 ____A C:\Windows\system32\Drivers\etc\hosts

192.168.10.10       phpmyadmin.dev
192.168.10.11  		moiekraam.dev
192.168.10.10  		gedok_drei.dev
192.168.10.10  		katesieben2015.dev
192.168.10.10  		katesechs2015.dev
192.168.10.10  		kateacht2015.dev
192.168.10.10  		kateneun2015.dev
192.168.10.10  		KateEins2016Spark.dev
192.168.10.10  		schuermann.dev
192.168.10.10  		MoieLanding2.dev
192.168.10.10  		katezwei2016.dev
192.168.10.10  		katedrei2016.dev
192.168.10.10  		lw-2016-KatenBlog.dev
192.168.10.10  		wp.lw-2016-KatenBlog.dev

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1764389191-2749221916-298074052-1001\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [TCP Query User{784112A9-A3C6-4BDD-9ED8-46BA7A307E24}F:\programmie\virtualboxwin10\vboxheadless.exe] => (Allow) F:\programmie\virtualboxwin10\vboxheadless.exe
FirewallRules: [UDP Query User{241D35D6-8731-4CA8-984E-422512C48EE2}F:\programmie\virtualboxwin10\vboxheadless.exe] => (Allow) F:\programmie\virtualboxwin10\vboxheadless.exe
FirewallRules: [{F4A6582C-1073-4442-B4E6-948D9130B9AD}] => (Allow) C:\Users\eva\AppData\Local\Apps\2.0\62J1R0O9.AQA\R005Z9K4.V1V\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe
FirewallRules: [{71550C36-8C38-4023-83EC-50DF5EF66FD3}] => (Allow) C:\Users\eva\AppData\Local\Apps\2.0\62J1R0O9.AQA\R005Z9K4.V1V\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe
FirewallRules: [TCP Query User{DFCB7EEF-64DC-4E38-8411-9043634D4B97}C:\users\eva\appdata\local\apps\2.0\62j1r0o9.aqa\r005z9k4.v1v\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe] => (Allow) C:\users\eva\appdata\local\apps\2.0\62j1r0o9.aqa\r005z9k4.v1v\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe
FirewallRules: [UDP Query User{03CDE024-49F7-4AFE-A14D-EAA929A2C7B3}C:\users\eva\appdata\local\apps\2.0\62j1r0o9.aqa\r005z9k4.v1v\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe] => (Allow) C:\users\eva\appdata\local\apps\2.0\62j1r0o9.aqa\r005z9k4.v1v\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe
FirewallRules: [{9BBACB26-BB64-4EAF-AFBD-1BA7B4124F78}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\DeviceSetup.exe
FirewallRules: [{2DC9576D-28D8-472D-8433-6962859A39FE}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{8ED3AD6D-AB33-4C31-AF5B-BDBA2D5976AF}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{2981F380-867B-4867-903E-E4D3288068C9}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{B8C0C8A8-1219-4229-AD8F-DB01EB2E1F3A}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{20BB3DA7-B517-4182-BBDF-D11DF0A54F1D}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{F7F92C6B-1E55-4E50-805F-174271A587BA}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{BA72B91B-ED78-4851-8100-2E5F36CA6479}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{B3CB3673-4F10-4074-8417-C72C7249F17D}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{85A1331A-1F28-4627-91A0-3319129B2E2C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{826AD43B-2EB6-40C8-B0B4-8C986844D993}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{9333F9D2-6F7D-4966-A834-BA7B8789FDF2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{C2816592-6068-43F3-B12B-4AA4168A5745}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{21F23D24-9663-44FF-B24E-F683694D9BB9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{44EB0A33-6357-430D-A878-9451A45E104F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{814CA135-EA5C-4B63-B4A4-9EFE6F306F2D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B690A38D-BEF2-47CF-905F-1E639DF45DA8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{47251C24-8FF7-4958-AEF9-42F31057750F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{06859BF8-A87B-4669-AFF7-A4831A25E8E6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5BBA4D12-2EBE-4318-9275-A5BE63B151BB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B4BE8013-364F-4C28-A149-C37A9F2D52D6}] => (Allow) F:\programmie\VisualStudio\Common7\IDE\devenv.exe
FirewallRules: [TCP Query User{CABD434D-12EF-46ED-8836-FCBDDDF2E21C}F:\programme\vlc\vlc.exe] => (Allow) F:\programme\vlc\vlc.exe
FirewallRules: [UDP Query User{BB3447DA-0C58-4DC8-8D93-F702EE4E50E9}F:\programme\vlc\vlc.exe] => (Allow) F:\programme\vlc\vlc.exe
FirewallRules: [{CCE4E61E-3B78-40C8-84BC-5CA0D7448E50}] => (Allow) C:\Program Files (x86)\GreatMaker\MaohaWiFi\MaohaWifiSvr.exe
FirewallRules: [{5AF5EAF8-AFDD-4335-B666-8593FBD2070E}] => (Allow) C:\Program Files (x86)\GreatMaker\MaohaWiFi\DrvUpdate.exe
FirewallRules: [{4C932408-1889-4810-A8C4-F42AC2BFFED4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

25-06-2016 14:28:33 Installiert Screen Split
01-07-2016 14:07:10 Installed Oracle VM VirtualBox 5.0.24
07-07-2016 12:47:18 AMDCleanupUtility Restore Point
10-07-2016 15:22:11 JRT Pre-Junkware Removal
14-07-2016 09:11:33 Windows Update
14-07-2016 09:12:00 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Coprozessor
Description: Coprozessor
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/14/2016 02:30:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: regedit.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d798
Name des fehlerhaften Moduls: COMCTL32.dll, Version: 6.10.10586.494, Zeitstempel: 0x5775e30f
Ausnahmecode: 0xc00000fd
Fehleroffset: 0x00000000000037a7
ID des fehlerhaften Prozesses: 0x2898
Startzeit der fehlerhaften Anwendung: 0xregedit.exe0
Pfad der fehlerhaften Anwendung: regedit.exe1
Pfad des fehlerhaften Moduls: regedit.exe2
Berichtskennung: regedit.exe3
Vollständiger Name des fehlerhaften Pakets: regedit.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: regedit.exe5

Error: (07/14/2016 02:19:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvStreamNetworkService.exe, Version: 7.1.2084.9592, Zeitstempel: 0x57605ac0
Name des fehlerhaften Moduls: NvMdnsPlugin.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x57605fbb
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000d45a0
ID des fehlerhaften Prozesses: 0xf4c
Startzeit der fehlerhaften Anwendung: 0xNvStreamNetworkService.exe0
Pfad der fehlerhaften Anwendung: NvStreamNetworkService.exe1
Pfad des fehlerhaften Moduls: NvStreamNetworkService.exe2
Berichtskennung: NvStreamNetworkService.exe3
Vollständiger Name des fehlerhaften Pakets: NvStreamNetworkService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: NvStreamNetworkService.exe5

Error: (07/14/2016 02:09:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: regedit.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d798
Name des fehlerhaften Moduls: COMCTL32.dll, Version: 6.10.10586.0, Zeitstempel: 0x5632d2ce
Ausnahmecode: 0xc000041d
Fehleroffset: 0x00000000000037c9
ID des fehlerhaften Prozesses: 0x37f8
Startzeit der fehlerhaften Anwendung: 0xregedit.exe0
Pfad der fehlerhaften Anwendung: regedit.exe1
Pfad des fehlerhaften Moduls: regedit.exe2
Berichtskennung: regedit.exe3
Vollständiger Name des fehlerhaften Pakets: regedit.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: regedit.exe5

Error: (07/14/2016 01:59:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: regedit.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d798
Name des fehlerhaften Moduls: COMCTL32.dll, Version: 6.10.10586.0, Zeitstempel: 0x5632d2ce
Ausnahmecode: 0xc00000fd
Fehleroffset: 0x00000000000037c9
ID des fehlerhaften Prozesses: 0xd8
Startzeit der fehlerhaften Anwendung: 0xregedit.exe0
Pfad der fehlerhaften Anwendung: regedit.exe1
Pfad des fehlerhaften Moduls: regedit.exe2
Berichtskennung: regedit.exe3
Vollständiger Name des fehlerhaften Pakets: regedit.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: regedit.exe5

Error: (07/14/2016 10:34:44 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (07/14/2016 09:12:00 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (07/14/2016 09:11:35 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (07/14/2016 02:59:34 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1406

Error: (07/14/2016 02:59:34 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1406

Error: (07/14/2016 02:59:34 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


Systemfehler:
=============
Error: (07/14/2016 03:25:55 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (07/14/2016 03:19:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_634eb" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/14/2016 03:19:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _634eb" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/14/2016 03:19:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_634eb" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/14/2016 03:19:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_634eb" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/14/2016 03:19:12 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (07/14/2016 02:17:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_4eb2cc" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/14/2016 02:17:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _4eb2cc" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/14/2016 02:17:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_4eb2cc" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/14/2016 02:17:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_4eb2cc" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2016-07-14 14:21:35.614
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-14 09:24:13.545
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-14 09:24:13.525
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-14 02:54:47.984
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-14 02:54:47.963
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-14 02:54:35.141
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-14 02:54:35.118
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-14 01:41:51.056
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-14 01:41:51.035
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-14 01:14:17.168
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: AMD Phenom(tm) II X4 955 Processor
Prozentuale Nutzung des RAM: 40%
Installierter physikalischer RAM: 8191.17 MB
Verfügbarer physikalischer RAM: 4875.13 MB
Summe virtueller Speicher: 9471.17 MB
Verfügbarer virtueller Speicher: 6043.3 MB

==================== Laufwerke ================================

Drive c: (SSD500) (Fixed) (Total:465.76 GB) (Free:338.58 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive f: (zweite) (Fixed) (Total:931.51 GB) (Free:623.82 GB) NTFS
Drive x: () (Fixed) (Total:119.14 GB) (Free:29.08 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: FF67AEEB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 00510050)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 247A7B0F)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
gruß
eva

Alt 14.07.2016, 20:21   #13
M-K-D-B
/// TB-Ausbilder
 
MPC Cleaner läßt sich nicht deinstallieren + Browser Umleitungen - windows 10 - Standard

MPC Cleaner läßt sich nicht deinstallieren + Browser Umleitungen - windows 10



Servus,





Google Chrome ist noch infiziert.


Wir führen daher AdwCleaner nochmal aus, aber mit anderen Optionen.



Schritt 1
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • Chrome Richtlinien zurücksetzen
    • Chrome Einstellungen zurücksetzen
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).





Schritt 2
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von AdwCleaner,
  • die beiden neuen Logdateien von FRST.

Alt 14.07.2016, 21:59   #14
quincycato
 
MPC Cleaner läßt sich nicht deinstallieren + Browser Umleitungen - windows 10 - Standard

MPC Cleaner läßt sich nicht deinstallieren + Browser Umleitungen - windows 10



Hallo,

adwcleaner.txt
AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v5.201 - Bericht erstellt am 14/07/2016 um 22:37:08
# Aktualisiert am 30/06/2016 von ToolsLib
# Datenbank : 2016-07-14.1 [Server]
# Betriebssystem : Windows 10 Pro  (X64)
# Benutzername : eva - EVASCOMPUTER
# Gestartet von : C:\Users\eva\Desktop\AdwCleaner_5.201.exe
# Option : Löschen
# Unterstützung : https://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner gelöscht : C:\Program Files (x86)\GreatMaker

***** [ Dateien ] *****

[-] Datei gelöscht : C:\Windows\SysNative\drivers\KuaiZipDrive.sys

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****

[-] Geplante Aufgabe gelöscht : Coacuiedclernege Module

***** [ Registrierungsdatenbank ] *****

[-] Wert gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [kuaizipupdatesvc]
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\KuaiZipShlExt
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\KuaiZipShlExt
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.001
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.002
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.003
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.004
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.005
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.006
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.007
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.008
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.009
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.01
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.010
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.011
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.012
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.013
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.014
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.015
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.016
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.017
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.018
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.019
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.02
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.020
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.021
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.022
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.023
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.024
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.025
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.026
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.027
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.028
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.029
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.03
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.030
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.031
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.032
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.033
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.034
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.035
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.036
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.037
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.038
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.039
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.04
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.040
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.041
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.042
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.043
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.044
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.045
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.046
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.047
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.048
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.049
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.05
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.050
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.051
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.052
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.053
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.054
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.055
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.056
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.057
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.058
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.059
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.06
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.060
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.061
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.062
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.063
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.064
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.065
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.066
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.067
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.068
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.069
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.07
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.070
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.071
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.072
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.073
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.074
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.075
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.076
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.077
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.078
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.079
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.08
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.080
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.081
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.082
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.083
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.084
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.085
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.086
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.087
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.088
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.089
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.09
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.090
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.091
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.092
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.093
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.094
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.095
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.096
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.097
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.098
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.099
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.7z
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.arj
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.bz2
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.cab
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.gz
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.gzip
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.iso
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.jar
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.lzh
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.rar
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.rpm
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.tar
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.tbz
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.tgz
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.wim
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.z
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool.zip
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\ZipTool_FileAsso.Origin
[-] Schlüssel gelöscht : HKCU\Software\SNDA
[-] Schlüssel gelöscht : HKCU\Software\KuaiZipSFX
[-] Schlüssel gelöscht : HKCU\Software\Maoha
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Maoha
[-] Wert gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{CCE4E61E-3B78-40C8-84BC-5CA0D7448E50}]
[-] Wert gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{5AF5EAF8-AFDD-4335-B666-8593FBD2070E}]
[-] Schlüssel gelöscht : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\mpc.am
[-] Schlüssel gelöscht : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\search.mpc.am
[-] Schlüssel gelöscht : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\mpc.am
[-] Schlüssel gelöscht : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\search.mpc.am

***** [ Internetbrowser ] *****

[-] [C:\Users\eva\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] gelöscht : hxxp://www.trotux.com/?z=e6ee2bfd84aa90be2b4ef20g7zbq2bcg0eeo5qbe4o&from=ftp&uid=C300-CTFDDAC128MAG_000000001106030289DD&type=hp

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
:: Chrome Einstellungen zurückgesetzt : C:\Users\eva\AppData\Local\Google\Chrome\User Data\Default

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [3908 Bytes] - [10/07/2016 15:08:32]
C:\AdwCleaner\AdwCleaner[C2].txt - [11003 Bytes] - [14/07/2016 22:37:08]
C:\AdwCleaner\AdwCleaner[S1].txt - [3729 Bytes] - [10/07/2016 15:05:47]
C:\AdwCleaner\AdwCleaner[S2].txt - [10458 Bytes] - [14/07/2016 22:35:50]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [11224 Bytes] ##########
         
--- --- ---

[/Code]

Alt 14.07.2016, 22:02   #15
quincycato
 
MPC Cleaner läßt sich nicht deinstallieren + Browser Umleitungen - windows 10 - Standard

MPC Cleaner läßt sich nicht deinstallieren + Browser Umleitungen - windows 10



frst.txt
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 13-07-2016 02
durchgeführt von eva (Administrator) auf EVASCOMPUTER (14-07-2016 22:40:33)
Gestartet von C:\Users\eva\Desktop
Geladene Profile: eva (Verfügbare Profile: eva)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
() C:\Windows\SysWOW64\ASGT.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\APRP\aprp.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe
(TomTom) C:\Program Files (x86)\TomTom\MySportsConnect\TomTom MySports Connect.exe
(AVM Berlin) C:\Users\eva\AppData\Local\Apps\2.0\62J1R0O9.AQA\R005Z9K4.V1V\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.7031.23501.0_x64__8wekyb3d8bbwe\HubTaskHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6965.40901.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_3.6.22051.0_x64__8wekyb3d8bbwe\Music.UI.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-05-05] (Adobe Systems Incorporated)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2380480 2016-06-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1867448 2016-05-27] (Adobe Systems Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe [30264 2009-08-04] (Hewlett-Packard Company)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\Run: [AVMUSBFernanschluss] => C:\Users\eva\AppData\Local\Apps\2.0\62J1R0O9.AQA\R005Z9K4.V1V\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\AVMAutoStart.exe [139264 2016-03-03] (AVM Berlin)
HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [882872 2016-05-27] (Adobe Systems Incorporated)
HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\Run: [HP Deskjet 3520 series (NET)] => C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\Run: [TomTom MySports Connect.exe] => C:\Program Files (x86)\TomTom\MySportsConnect\TomTom MySports Connect.exe [3834368 2016-06-20] (TomTom)
HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-1764389191-2749221916-298074052-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2016-04-22] (Apple Inc.)
HKU\S-1-5-18\...\RunOnce: [Application Restart #3] => C:\Program Files (x86)\ASUS\GPU TweakII\Monitor.exe [2640336 2015-08-27] (TODO: <Company name>)
HKU\S-1-5-18\...\RunOnce: [Application Restart #4] => C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe [5602768 2015-09-01] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VR-NetWorld Auftragsprüfung.lnk [2016-07-10]
ShortcutTarget: VR-NetWorld Auftragsprüfung.lnk -> C:\Windows\Installer\{084798D2-33EF-42CC-A925-970AF222898B}\NewShortcut1_5A2CAB8514594533A6B50E3D23448BE1.exe (Flexera Software LLC)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{c6ef35ba-7431-4f1d-936d-26820bb64337}: [DhcpNameServer] 192.168.178.1
ManualProxies: 

Internet Explorer:
==================
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-26] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-26] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)

FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-06-08] (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-26] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-06-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-06-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-06-08] (Adobe Systems)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat DC - Create PDF - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2016-02-28]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-03-31] [ist nicht signiert]

Chrome: 
=======
CHR Profile: C:\Users\eva\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-14]
CHR Extension: (Google Docs) - C:\Users\eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-14]
CHR Extension: (Google Drive) - C:\Users\eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-14]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2016-07-14]
CHR Extension: (YouTube) - C:\Users\eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-14]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2016-07-14]
CHR Extension: (Adobe Acrobat) - C:\Users\eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-07-14]
CHR Extension: (Google Sheets) - C:\Users\eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-14]
CHR Extension: (React Developer Tools) - C:\Users\eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmkadmapgofadopljbjfkapdkoienihi [2016-07-14]
CHR Extension: (Google Docs Offline) - C:\Users\eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-14]
CHR Extension: (Wunderlist for Chrome) - C:\Users\eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojcflmmmcfpacggndoaaflkmcoblhnbh [2016-07-14]
CHR Extension: (Gmail) - C:\Users\eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-14]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [737984 2016-06-03] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [48640 2015-08-18] () [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21184 2016-03-29] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [137216 2016-03-29] (Microsoft Corporation) [Datei ist nicht signiert]
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36504 2015-06-22] (VIA Technologies, Inc.)
S3 VSStandardCollectorService140; F:\programmie\VisualStudio\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [56552 2016-03-22] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [23240 2016-02-26] (Advanced Micro Devices, Inc.)
R3 avmaura; C:\Windows\System32\drivers\avmaura.sys [116480 2016-03-03] (AVM Berlin)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-07-14] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-09-26] (Marvell Semiconductor, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation)
R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [119712 2016-06-28] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [192864 2016-06-28] (Oracle Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-07-14 22:18 - 2016-07-14 22:18 - 00000000 ___HD C:\OneDriveTemp
2016-07-14 17:35 - 2016-07-14 17:35 - 00000000 ____D C:\Users\eva\.PhpStorm2016.2
2016-07-14 16:19 - 2016-07-14 16:19 - 00205111 _____ C:\Users\eva\Desktop\eset-hitman-frst-addition-14-7-trojaner-board-post.txt
2016-07-14 15:51 - 2016-07-14 22:40 - 00020984 _____ C:\Users\eva\Desktop\FRST.txt
2016-07-14 15:51 - 2016-07-14 16:19 - 00057301 _____ C:\Users\eva\Desktop\Addition.txt
2016-07-14 15:21 - 2016-07-14 15:21 - 00002342 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-07-14 15:21 - 2016-07-14 15:21 - 00002330 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-07-14 14:19 - 2016-07-14 14:19 - 00000000 ____D C:\Program Files\CMAK
2016-07-14 14:19 - 2016-07-14 14:19 - 00000000 ____D C:\Program Files (x86)\CMAK
2016-07-14 14:16 - 2016-07-14 14:16 - 00000170 _____ C:\Users\eva\Desktop\reg-eintrag-geloescht.txt
2016-07-14 10:56 - 2016-07-14 10:56 - 00003893 _____ C:\Users\eva\Desktop\eset-log.txt
2016-07-14 10:37 - 2016-07-14 10:51 - 00000000 ____D C:\ProgramData\HitmanPro
2016-07-14 10:35 - 2016-07-14 10:37 - 11438608 _____ (SurfRight B.V.) C:\Users\eva\Downloads\HitmanPro_x64.exe
2016-07-14 10:24 - 2016-07-14 10:24 - 00003178 _____ C:\Users\eva\Desktop\eset-gefundene-bedrohungen.txt
2016-07-13 23:30 - 2016-07-01 07:30 - 00284352 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2016-07-13 23:30 - 2016-07-01 06:49 - 07469408 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-07-13 23:30 - 2016-07-01 06:49 - 00337336 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll
2016-07-13 23:30 - 2016-07-01 06:35 - 01552104 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2016-07-13 23:30 - 2016-07-01 06:35 - 01299504 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll
2016-07-13 23:30 - 2016-07-01 06:35 - 01092464 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-07-13 23:30 - 2016-07-01 06:35 - 00847656 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2016-07-13 23:30 - 2016-07-01 06:35 - 00498960 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2016-07-13 23:30 - 2016-07-01 06:34 - 01322248 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-07-13 23:30 - 2016-07-01 06:32 - 01603224 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2016-07-13 23:30 - 2016-07-01 06:32 - 01540224 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2016-07-13 23:30 - 2016-07-01 06:32 - 00692136 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2016-07-13 23:30 - 2016-07-01 06:25 - 02773096 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2016-07-13 23:30 - 2016-07-01 06:25 - 02145032 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2016-07-13 23:30 - 2016-07-01 06:25 - 01987936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-07-13 23:30 - 2016-07-01 06:25 - 00648256 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2016-07-13 23:30 - 2016-07-01 06:25 - 00577376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2016-07-13 23:30 - 2016-07-01 06:19 - 05240960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2016-07-13 23:30 - 2016-07-01 06:11 - 01522160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-07-13 23:30 - 2016-07-01 05:57 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\NFCProvisioningPlugin.dll
2016-07-13 23:30 - 2016-07-01 05:56 - 22379520 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-07-13 23:30 - 2016-07-01 05:53 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\provisioningcsp.dll
2016-07-13 23:30 - 2016-07-01 05:47 - 24610304 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-07-13 23:30 - 2016-07-01 05:47 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2016-07-13 23:30 - 2016-07-01 05:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll
2016-07-13 23:30 - 2016-07-01 05:47 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\provhandlers.dll
2016-07-13 23:30 - 2016-07-01 05:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\provops.dll
2016-07-13 23:30 - 2016-07-01 05:46 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\DXToolsMonitor.dll
2016-07-13 23:30 - 2016-07-01 05:45 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-07-13 23:30 - 2016-07-01 05:44 - 00727552 _____ (Microsoft Corporation) C:\Windows\system32\VsGraphicsExperiment.dll
2016-07-13 23:30 - 2016-07-01 05:43 - 05667328 _____ (Microsoft Corporation) C:\Windows\system32\VsGraphicsDesktopEngine.exe
2016-07-13 23:30 - 2016-07-01 05:43 - 00892416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SmartCards.dll
2016-07-13 23:30 - 2016-07-01 05:43 - 00889344 _____ (Microsoft Corporation) C:\Windows\system32\DXCap.exe
2016-07-13 23:30 - 2016-07-01 05:43 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2016-07-13 23:30 - 2016-07-01 05:42 - 14252544 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-07-13 23:30 - 2016-07-01 05:42 - 05562880 _____ (Microsoft Corporation) C:\Windows\system32\VsGraphicsRemoteEngine.exe
2016-07-13 23:30 - 2016-07-01 05:42 - 02088960 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2016-07-13 23:30 - 2016-07-01 05:42 - 01434112 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Editing.dll
2016-07-13 23:30 - 2016-07-01 05:42 - 00828928 _____ (Microsoft Corporation) C:\Windows\system32\Windows.AccountsControl.dll
2016-07-13 23:30 - 2016-07-01 05:42 - 00697344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2016-07-13 23:30 - 2016-07-01 05:41 - 02127360 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-07-13 23:30 - 2016-07-01 05:41 - 01387520 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2016-07-13 23:30 - 2016-07-01 05:41 - 00784384 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-07-13 23:30 - 2016-07-01 05:41 - 00605184 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-07-13 23:30 - 2016-07-01 05:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosHostClient.dll
2016-07-13 23:30 - 2016-07-01 05:40 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2016-07-13 23:30 - 2016-07-01 05:40 - 00841728 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-07-13 23:30 - 2016-07-01 05:39 - 13018112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2016-07-13 23:30 - 2016-07-01 05:39 - 01717248 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2016-07-13 23:30 - 2016-07-01 05:39 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2016-07-13 23:30 - 2016-07-01 05:38 - 04456448 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2016-07-13 23:30 - 2016-07-01 05:38 - 00821760 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2016-07-13 23:30 - 2016-07-01 05:37 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosStorage.dll
2016-07-13 23:30 - 2016-07-01 05:36 - 08574464 _____ (Microsoft Corporation) C:\Windows\system32\DXCaptureReplay.dll
2016-07-13 23:30 - 2016-07-01 05:36 - 00701952 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll
2016-07-13 23:30 - 2016-07-01 05:36 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapsBtSvc.dll
2016-07-13 23:30 - 2016-07-01 05:34 - 03428864 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2016-07-13 23:30 - 2016-07-01 05:32 - 02582016 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2016-07-13 23:30 - 2016-07-01 05:31 - 19347968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-07-13 23:30 - 2016-07-01 05:31 - 01797120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2016-07-13 23:30 - 2016-07-01 05:30 - 13385728 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-07-13 23:30 - 2016-07-01 05:29 - 05503488 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2016-07-13 23:30 - 2016-07-01 05:29 - 03589632 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-07-13 23:30 - 2016-07-01 05:29 - 03355136 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2016-07-13 23:30 - 2016-07-01 05:29 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-07-13 23:30 - 2016-07-01 05:29 - 00349696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2016-07-13 23:30 - 2016-07-01 05:26 - 18674176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-07-13 23:30 - 2016-07-01 05:26 - 07832576 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-07-13 23:30 - 2016-07-01 05:26 - 04895232 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-07-13 23:30 - 2016-07-01 05:26 - 01755648 _____ (Microsoft Corporation) C:\Windows\system32\dui70.dll
2016-07-13 23:30 - 2016-07-01 05:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2016-07-13 23:30 - 2016-07-01 05:25 - 02050048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-07-13 23:30 - 2016-07-01 05:25 - 01121792 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-07-13 23:30 - 2016-07-01 05:25 - 00784896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NMAA.dll
2016-07-13 23:30 - 2016-07-01 05:25 - 00711680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll
2016-07-13 23:30 - 2016-07-01 05:25 - 00687616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-07-13 23:30 - 2016-07-01 05:25 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-07-13 23:30 - 2016-07-01 05:24 - 12586496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-07-13 23:30 - 2016-07-01 05:22 - 06295552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2016-07-13 23:30 - 2016-07-01 05:20 - 12128256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-07-13 23:30 - 2016-07-01 05:19 - 01987072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-07-13 23:30 - 2016-07-01 05:18 - 05205504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2016-07-13 23:30 - 2016-07-01 05:18 - 03663360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-07-13 23:30 - 2016-07-01 05:15 - 02102272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsservices.dll
2016-07-13 23:30 - 2016-07-01 05:14 - 05660672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-07-13 23:30 - 2016-07-01 05:13 - 06740992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2016-07-13 23:30 - 2016-07-01 05:08 - 00517632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll
2016-07-13 23:29 - 2016-07-01 06:35 - 01554152 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-07-13 23:29 - 2016-07-01 06:35 - 00331616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2016-07-13 23:29 - 2016-07-01 06:34 - 03675512 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-07-13 23:29 - 2016-07-01 06:34 - 00808288 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2016-07-13 23:29 - 2016-07-01 06:33 - 04515256 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-07-13 23:29 - 2016-07-01 06:33 - 01750440 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2016-07-13 23:29 - 2016-07-01 06:33 - 00730352 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2016-07-13 23:29 - 2016-07-01 06:33 - 00725776 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2016-07-13 23:29 - 2016-07-01 06:33 - 00374008 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2016-07-13 23:29 - 2016-07-01 06:33 - 00303216 _____ (Microsoft Corporation) C:\Windows\system32\LockAppHost.exe
2016-07-13 23:29 - 2016-07-01 06:31 - 01848584 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-07-13 23:29 - 2016-07-01 06:31 - 00604928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-07-13 23:29 - 2016-07-01 06:31 - 00161632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-07-13 23:29 - 2016-07-01 06:25 - 00393568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-07-13 23:29 - 2016-07-01 06:24 - 00911648 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
2016-07-13 23:29 - 2016-07-01 06:23 - 01349640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2016-07-13 23:29 - 2016-07-01 06:21 - 02921880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-07-13 23:29 - 2016-07-01 06:21 - 00703840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2016-07-13 23:29 - 2016-07-01 06:20 - 00503600 _____ (Microsoft Corporation) C:\Windows\system32\DMRServer.dll
2016-07-13 23:29 - 2016-07-01 06:20 - 00388896 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
2016-07-13 23:29 - 2016-07-01 06:20 - 00254656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppHost.exe
2016-07-13 23:29 - 2016-07-01 06:19 - 04074160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-07-13 23:29 - 2016-07-01 06:00 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-07-13 23:29 - 2016-07-01 05:58 - 00824320 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2016-07-13 23:29 - 2016-07-01 05:57 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\cdpreference.exe
2016-07-13 23:29 - 2016-07-01 05:56 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2016-07-13 23:29 - 2016-07-01 05:53 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryClient.dll
2016-07-13 23:29 - 2016-07-01 05:53 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryBroker.dll
2016-07-13 23:29 - 2016-07-01 05:52 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-07-13 23:29 - 2016-07-01 05:52 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2016-07-13 23:29 - 2016-07-01 05:50 - 11545088 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-07-13 23:29 - 2016-07-01 05:50 - 00349184 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2016-07-13 23:29 - 2016-07-01 05:50 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\FingerprintEnrollment.dll
2016-07-13 23:29 - 2016-07-01 05:50 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll
2016-07-13 23:29 - 2016-07-01 05:49 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-07-13 23:29 - 2016-07-01 05:49 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Maps.dll
2016-07-13 23:29 - 2016-07-01 05:49 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2016-07-13 23:29 - 2016-07-01 05:49 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\IdCtrls.dll
2016-07-13 23:29 - 2016-07-01 05:48 - 06572032 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2016-07-13 23:29 - 2016-07-01 05:48 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2016-07-13 23:29 - 2016-07-01 05:48 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2016-07-13 23:29 - 2016-07-01 05:48 - 00373248 _____ (Microsoft Corporation) C:\Windows\system32\WmpDui.dll
2016-07-13 23:29 - 2016-07-01 05:48 - 00198144 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-07-13 23:29 - 2016-07-01 05:47 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2016-07-13 23:29 - 2016-07-01 05:47 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\NetworkDesktopSettings.dll
2016-07-13 23:29 - 2016-07-01 05:47 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.PicturePassword.dll
2016-07-13 23:29 - 2016-07-01 05:47 - 00182784 _____ (Microsoft Corporation) C:\Windows\system32\shutdownux.dll
2016-07-13 23:29 - 2016-07-01 05:46 - 00714240 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2016-07-13 23:29 - 2016-07-01 05:46 - 00510464 _____ (Microsoft Corporation) C:\Windows\system32\WlanMediaManager.dll
2016-07-13 23:29 - 2016-07-01 05:46 - 00475648 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BlockedShutdown.dll
2016-07-13 23:29 - 2016-07-01 05:46 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2016-07-13 23:29 - 2016-07-01 05:46 - 00458752 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll
2016-07-13 23:29 - 2016-07-01 05:46 - 00412672 _____ (Microsoft Corporation) C:\Windows\system32\wlanui.dll
2016-07-13 23:29 - 2016-07-01 05:46 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\cdpsvc.dll
2016-07-13 23:29 - 2016-07-01 05:46 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\ListSvc.dll
2016-07-13 23:29 - 2016-07-01 05:46 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\credprovs.dll
2016-07-13 23:29 - 2016-07-01 05:45 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\efswrt.dll
2016-07-13 23:29 - 2016-07-01 05:45 - 00492544 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_StorageSense.dll
2016-07-13 23:29 - 2016-07-01 05:45 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BioFeedback.dll
2016-07-13 23:29 - 2016-07-01 05:45 - 00392192 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2016-07-13 23:29 - 2016-07-01 05:45 - 00387072 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-07-13 23:29 - 2016-07-01 05:45 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.OneCore.dll
2016-07-13 23:29 - 2016-07-01 05:45 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2016-07-13 23:29 - 2016-07-01 05:45 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll
2016-07-13 23:29 - 2016-07-01 05:45 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\VsGraphicsCapture.dll
2016-07-13 23:29 - 2016-07-01 05:44 - 01073664 _____ (Microsoft Corporation) C:\Windows\system32\DXToolsOfflineAnalysis.dll
2016-07-13 23:29 - 2016-07-01 05:44 - 00492544 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.UserAccountsHandlers.dll
2016-07-13 23:29 - 2016-07-01 05:44 - 00484352 _____ (Microsoft Corporation) C:\Windows\system32\DataSenseHandlers.dll
2016-07-13 23:29 - 2016-07-01 05:44 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2016-07-13 23:29 - 2016-07-01 05:44 - 00448000 _____ (Microsoft Corporation) C:\Windows\system32\winipcfile.dll
2016-07-13 23:29 - 2016-07-01 05:44 - 00364032 _____ (Microsoft Corporation) C:\Windows\system32\OneBackupHandler.dll
2016-07-13 23:29 - 2016-07-01 05:44 - 00283648 _____ (Microsoft Corporation) C:\Windows\system32\PlayToReceiver.dll
2016-07-13 23:29 - 2016-07-01 05:44 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2016-07-13 23:29 - 2016-07-01 05:43 - 01294336 _____ (Microsoft Corporation) C:\Windows\system32\wcnwiz.dll
2016-07-13 23:29 - 2016-07-01 05:43 - 01056256 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2016-07-13 23:29 - 2016-07-01 05:43 - 00941568 _____ (Microsoft Corporation) C:\Windows\system32\MiracastReceiver.dll
2016-07-13 23:29 - 2016-07-01 05:43 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2016-07-13 23:29 - 2016-07-01 05:43 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll
2016-07-13 23:29 - 2016-07-01 05:43 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2016-07-13 23:29 - 2016-07-01 05:43 - 00556032 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2016-07-13 23:29 - 2016-07-01 05:43 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\WLanConn.dll
2016-07-13 23:29 - 2016-07-01 05:43 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2016-07-13 23:29 - 2016-07-01 05:43 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\d2d1debug3.dll
2016-07-13 23:29 - 2016-07-01 05:42 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Bluetooth.dll
2016-07-13 23:29 - 2016-07-01 05:42 - 02012672 _____ (Microsoft Corporation) C:\Windows\system32\winmsipc.dll
2016-07-13 23:29 - 2016-07-01 05:42 - 01240064 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2016-07-13 23:29 - 2016-07-01 05:42 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\NMAA.dll
2016-07-13 23:29 - 2016-07-01 05:42 - 00480768 _____ (Microsoft Corporation) C:\Windows\system32\LockAppBroker.dll
2016-07-13 23:29 - 2016-07-01 05:42 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-07-13 23:29 - 2016-07-01 05:41 - 01159168 _____ (Microsoft Corporation) C:\Windows\system32\ApplicationFrame.dll
2016-07-13 23:29 - 2016-07-01 05:41 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-07-13 23:29 - 2016-07-01 05:41 - 00990208 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2016-07-13 23:29 - 2016-07-01 05:41 - 00939520 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2016-07-13 23:29 - 2016-07-01 05:41 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2016-07-13 23:29 - 2016-07-01 05:41 - 00697856 _____ (Microsoft Corporation) C:\Windows\system32\PlayToManager.dll
2016-07-13 23:29 - 2016-07-01 05:41 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\duser.dll
2016-07-13 23:29 - 2016-07-01 05:41 - 00587776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2016-07-13 23:29 - 2016-07-01 05:41 - 00572928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2016-07-13 23:29 - 2016-07-01 05:40 - 02731008 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2016-07-13 23:29 - 2016-07-01 05:40 - 01902592 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-07-13 23:29 - 2016-07-01 05:40 - 01575936 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll
2016-07-13 23:29 - 2016-07-01 05:40 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2016-07-13 23:29 - 2016-07-01 05:40 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2016-07-13 23:29 - 2016-07-01 05:40 - 00496640 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-07-13 23:29 - 2016-07-01 05:39 - 01752576 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-07-13 23:29 - 2016-07-01 05:39 - 01211904 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Cred.dll
2016-07-13 23:29 - 2016-07-01 05:38 - 01671168 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-07-13 23:29 - 2016-07-01 05:38 - 01063936 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2016-07-13 23:29 - 2016-07-01 05:38 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IconCodecService.dll
2016-07-13 23:29 - 2016-07-01 05:37 - 01073152 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2016-07-13 23:29 - 2016-07-01 05:37 - 00865792 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2016-07-13 23:29 - 2016-07-01 05:36 - 03415040 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll
2016-07-13 23:29 - 2016-07-01 05:36 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\winipcsecproc.dll
2016-07-13 23:29 - 2016-07-01 05:35 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2016-07-13 23:29 - 2016-07-01 05:34 - 09919488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-07-13 23:29 - 2016-07-01 05:34 - 03994624 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2016-07-13 23:29 - 2016-07-01 05:34 - 00636928 _____ (Microsoft Corporation) C:\Windows\system32\hgcpl.dll
2016-07-13 23:29 - 2016-07-01 05:34 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppCapture.dll
2016-07-13 23:29 - 2016-07-01 05:33 - 06675968 _____ (Microsoft Corporation) C:\Windows\system32\mspaint.exe
2016-07-13 23:29 - 2016-07-01 05:33 - 02285568 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2016-07-13 23:29 - 2016-07-01 05:33 - 00309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2016-07-13 23:29 - 2016-07-01 05:33 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDShServiceObj.dll
2016-07-13 23:29 - 2016-07-01 05:32 - 02563584 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
2016-07-13 23:29 - 2016-07-01 05:32 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-07-13 23:29 - 2016-07-01 05:31 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\StikyNot.exe
2016-07-13 23:29 - 2016-07-01 05:30 - 03585536 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-07-13 23:29 - 2016-07-01 05:30 - 02635776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2016-07-13 23:29 - 2016-07-01 05:30 - 00849920 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-07-13 23:29 - 2016-07-01 05:30 - 00546816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenterCPL.dll
2016-07-13 23:29 - 2016-07-01 05:30 - 00339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2016-07-13 23:29 - 2016-07-01 05:30 - 00334336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcastdvr.exe
2016-07-13 23:29 - 2016-07-01 05:30 - 00292864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3ui.dll
2016-07-13 23:29 - 2016-07-01 05:30 - 00282624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2016-07-13 23:29 - 2016-07-01 05:29 - 02609664 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2016-07-13 23:29 - 2016-07-01 05:29 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GamePanel.exe
2016-07-13 23:29 - 2016-07-01 05:29 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanui.dll
2016-07-13 23:29 - 2016-07-01 05:29 - 00254976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Picker.dll
2016-07-13 23:29 - 2016-07-01 05:28 - 02876928 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2016-07-13 23:29 - 2016-07-01 05:28 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2016-07-13 23:29 - 2016-07-01 05:28 - 00119296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2016-07-13 23:29 - 2016-07-01 05:27 - 01946112 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2016-07-13 23:29 - 2016-07-01 05:27 - 01729024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-07-13 23:29 - 2016-07-01 05:27 - 00846336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasgcw.dll
2016-07-13 23:29 - 2016-07-01 05:27 - 00559616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.SmartCards.dll
2016-07-13 23:29 - 2016-07-01 05:27 - 00496128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-07-13 23:29 - 2016-07-01 05:27 - 00282624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2016-07-13 23:29 - 2016-07-01 05:27 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-07-13 23:29 - 2016-07-01 05:27 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2016-07-13 23:29 - 2016-07-01 05:27 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToReceiver.dll
2016-07-13 23:29 - 2016-07-01 05:27 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\dmcsps.dll
2016-07-13 23:29 - 2016-07-01 05:26 - 03026944 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-07-13 23:29 - 2016-07-01 05:26 - 01171456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcenter.dll
2016-07-13 23:29 - 2016-07-01 05:26 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2016-07-13 23:29 - 2016-07-01 05:26 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2016-07-13 23:29 - 2016-07-01 05:26 - 00298496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.dll
2016-07-13 23:29 - 2016-07-01 05:25 - 02745856 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll
2016-07-13 23:29 - 2016-07-01 05:25 - 01117184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll
2016-07-13 23:29 - 2016-07-01 05:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-07-13 23:29 - 2016-07-01 05:24 - 01588224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-07-13 23:29 - 2016-07-01 05:24 - 01467392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2016-07-13 23:29 - 2016-07-01 05:24 - 01448960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.3D.dll
2016-07-13 23:29 - 2016-07-01 05:24 - 01390080 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Shell.dll
2016-07-13 23:29 - 2016-07-01 05:24 - 01001984 _____ (Microsoft Corporation) C:\Windows\system32\d3d12SDKLayers.dll
2016-07-13 23:29 - 2016-07-01 05:24 - 00673280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll
2016-07-13 23:29 - 2016-07-01 05:24 - 00405504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2016-07-13 23:29 - 2016-07-01 05:23 - 03695104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2016-07-13 23:29 - 2016-07-01 05:23 - 01526272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-07-13 23:29 - 2016-07-01 05:23 - 00760320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2016-07-13 23:29 - 2016-07-01 05:23 - 00667648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2016-07-13 23:29 - 2016-07-01 05:22 - 00965120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2016-07-13 23:29 - 2016-07-01 05:22 - 00639488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2016-07-13 23:29 - 2016-07-01 05:21 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\RADCUI.dll
2016-07-13 23:29 - 2016-07-01 05:19 - 01582080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2016-07-13 23:29 - 2016-07-01 05:17 - 05323776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-07-13 23:29 - 2016-07-01 05:16 - 02771968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2016-07-13 23:29 - 2016-07-01 05:16 - 01984000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2016-07-13 23:29 - 2016-07-01 05:15 - 04413440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-07-13 23:29 - 2016-07-01 05:15 - 02217984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2016-07-13 23:29 - 2016-07-01 05:15 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguagesCpl.dll
2016-07-13 23:29 - 2016-07-01 05:13 - 01249280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2016-07-13 23:29 - 2016-07-01 05:12 - 00339456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-07-13 23:29 - 2016-07-01 05:09 - 02632192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2016-07-13 23:29 - 2016-07-01 05:08 - 01976832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2016-07-13 23:28 - 2016-07-01 07:30 - 00587456 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-07-13 23:28 - 2016-07-01 06:50 - 00037232 _____ (Microsoft Corporation) C:\Windows\system32\wldp.dll
2016-07-13 23:28 - 2016-07-01 06:49 - 01997328 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-07-13 23:28 - 2016-07-01 06:48 - 01238584 _____ (Microsoft Corporation) C:\Windows\system32\Taskmgr.exe
2016-07-13 23:28 - 2016-07-01 06:45 - 01613664 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-07-13 23:28 - 2016-07-01 06:43 - 03449168 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2016-07-13 23:28 - 2016-07-01 06:43 - 00026408 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-07-13 23:28 - 2016-07-01 06:39 - 01557776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-07-13 23:28 - 2016-07-01 06:38 - 01862008 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2016-07-13 23:28 - 2016-07-01 06:38 - 01083656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe
2016-07-13 23:28 - 2016-07-01 06:38 - 00256192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll
2016-07-13 23:28 - 2016-07-01 06:38 - 00032552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wldp.dll
2016-07-13 23:28 - 2016-07-01 06:35 - 00586208 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-07-13 23:28 - 2016-07-01 06:35 - 00035656 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-07-13 23:28 - 2016-07-01 06:33 - 00566104 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2016-07-13 23:28 - 2016-07-01 06:32 - 01128104 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe
2016-07-13 23:28 - 2016-07-01 06:32 - 00625000 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2016-07-13 23:28 - 2016-07-01 06:32 - 00106928 _____ (Microsoft Corporation) C:\Windows\system32\phoneactivate.exe
2016-07-13 23:28 - 2016-07-01 06:32 - 00078040 _____ (Microsoft Corporation) C:\Windows\system32\Clipc.dll
2016-07-13 23:28 - 2016-07-01 06:23 - 01118208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2016-07-13 23:28 - 2016-07-01 06:23 - 00925576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-07-13 23:28 - 2016-07-01 06:23 - 00709176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2016-07-13 23:28 - 2016-07-01 06:23 - 00451936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2016-07-13 23:28 - 2016-07-01 06:21 - 28851224 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsRaw.dll
2016-07-13 23:28 - 2016-07-01 06:21 - 00376536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.MediaControl.dll
2016-07-13 23:28 - 2016-07-01 06:20 - 21123320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-07-13 23:28 - 2016-07-01 06:20 - 00465760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2016-07-13 23:28 - 2016-07-01 06:19 - 01355336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2016-07-13 23:28 - 2016-07-01 06:19 - 00569752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2016-07-13 23:28 - 2016-07-01 06:18 - 00064584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Clipc.dll
2016-07-13 23:28 - 2016-07-01 06:17 - 01536600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-07-13 23:28 - 2016-07-01 06:12 - 02186864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2016-07-13 23:28 - 2016-07-01 06:12 - 01866104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2016-07-13 23:28 - 2016-07-01 06:11 - 00521152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2016-07-13 23:28 - 2016-07-01 06:10 - 00675064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2016-07-13 23:28 - 2016-07-01 06:07 - 28083144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsRaw.dll
2016-07-13 23:28 - 2016-07-01 06:03 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\MapsCSP.dll
2016-07-13 23:28 - 2016-07-01 05:59 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\MosHostClient.dll
2016-07-13 23:28 - 2016-07-01 05:58 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Speech.Pal.dll
2016-07-13 23:28 - 2016-07-01 05:55 - 00584704 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2016-07-13 23:28 - 2016-07-01 05:55 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\mapsupdatetask.dll
2016-07-13 23:28 - 2016-07-01 05:54 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\MapsBtSvc.dll
2016-07-13 23:28 - 2016-07-01 05:54 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\MosStorage.dll
2016-07-13 23:28 - 2016-07-01 05:53 - 01567744 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2016-07-13 23:28 - 2016-07-01 05:52 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\tzautoupdate.dll
2016-07-13 23:28 - 2016-07-01 05:52 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\moshost.dll
2016-07-13 23:28 - 2016-07-01 05:52 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2016-07-13 23:28 - 2016-07-01 05:52 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2016-07-13 23:28 - 2016-07-01 05:51 - 00361984 _____ (Microsoft Corporation) C:\Windows\system32\bdechangepin.exe
2016-07-13 23:28 - 2016-07-01 05:51 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\AppCapture.dll
2016-07-13 23:28 - 2016-07-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.Search.UriHandler.dll
2016-07-13 23:28 - 2016-07-01 05:50 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2016-07-13 23:28 - 2016-07-01 05:50 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\moshostcore.dll
2016-07-13 23:28 - 2016-07-01 05:50 - 00193024 _____ (Microsoft Corporation) C:\Windows\system32\SimCfg.dll
2016-07-13 23:28 - 2016-07-01 05:48 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2016-07-13 23:28 - 2016-07-01 05:48 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\fhengine.dll
2016-07-13 23:28 - 2016-07-01 05:48 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2016-07-13 23:28 - 2016-07-01 05:48 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2016-07-13 23:28 - 2016-07-01 05:48 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\SimAuth.dll
2016-07-13 23:28 - 2016-07-01 05:47 - 00450048 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll
2016-07-13 23:28 - 2016-07-01 05:47 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvr.exe
2016-07-13 23:28 - 2016-07-01 05:47 - 00394752 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2016-07-13 23:28 - 2016-07-01 05:47 - 00394240 _____ (Microsoft Corporation) C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll
2016-07-13 23:28 - 2016-07-01 05:47 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2016-07-13 23:28 - 2016-07-01 05:47 - 00318976 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll
2016-07-13 23:28 - 2016-07-01 05:47 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2016-07-13 23:28 - 2016-07-01 05:47 - 00174592 _____ (Microsoft Corporation) C:\Windows\system32\easwrt.dll
2016-07-13 23:28 - 2016-07-01 05:46 - 00715776 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2016-07-13 23:28 - 2016-07-01 05:46 - 00469504 _____ (Microsoft Corporation) C:\Windows\system32\fhsettingsprovider.dll
2016-07-13 23:28 - 2016-07-01 05:46 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack_win.dll
2016-07-13 23:28 - 2016-07-01 05:46 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\APHostService.dll
2016-07-13 23:28 - 2016-07-01 05:46 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\ExecModelClient.dll
2016-07-13 23:28 - 2016-07-01 05:46 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2016-07-13 23:28 - 2016-07-01 05:45 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\fhcfg.dll
2016-07-13 23:28 - 2016-07-01 05:45 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\edputil.dll
2016-07-13 23:28 - 2016-07-01 05:45 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2016-07-13 23:28 - 2016-07-01 05:45 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2016-07-13 23:28 - 2016-07-01 05:45 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-07-13 23:28 - 2016-07-01 05:44 - 07977472 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2016-07-13 23:28 - 2016-07-01 05:44 - 01814528 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2016-07-13 23:28 - 2016-07-01 05:44 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2016-07-13 23:28 - 2016-07-01 05:43 - 00992256 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2016-07-13 23:28 - 2016-07-01 05:43 - 00787456 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll
2016-07-13 23:28 - 2016-07-01 05:43 - 00674304 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll
2016-07-13 23:28 - 2016-07-01 05:43 - 00529408 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2016-07-13 23:28 - 2016-07-01 05:43 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\ActivationManager.dll
2016-07-13 23:28 - 2016-07-01 05:43 - 00352256 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2016-07-13 23:28 - 2016-07-01 05:43 - 00334848 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2016-07-13 23:28 - 2016-07-01 05:43 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\WSSync.dll
2016-07-13 23:28 - 2016-07-01 05:42 - 01716736 _____ (Microsoft Corporation) C:\Windows\system32\SRHInproc.dll
2016-07-13 23:28 - 2016-07-01 05:42 - 00965632 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2016-07-13 23:28 - 2016-07-01 05:42 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.Desktop.dll
2016-07-13 23:28 - 2016-07-01 05:42 - 00515072 _____ (Microsoft Corporation) C:\Windows\system32\OneDriveSettingSyncProvider.dll
2016-07-13 23:28 - 2016-07-01 05:41 - 01037824 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2016-07-13 23:28 - 2016-07-01 05:40 - 02103296 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.3D.dll
2016-07-13 23:28 - 2016-07-01 05:40 - 00938496 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2016-07-13 23:28 - 2016-07-01 05:40 - 00896512 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll
2016-07-13 23:28 - 2016-07-01 05:40 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.dll
2016-07-13 23:28 - 2016-07-01 05:39 - 01872896 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2016-07-13 23:28 - 2016-07-01 05:39 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\SettingMonitor.dll
2016-07-13 23:28 - 2016-07-01 05:38 - 06312448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2016-07-13 23:28 - 2016-07-01 05:38 - 01443840 _____ (Microsoft Corporation) C:\Windows\system32\diagperf.dll
2016-07-13 23:28 - 2016-07-01 05:38 - 00961536 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2016-07-13 23:28 - 2016-07-01 05:38 - 00549888 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2016-07-13 23:28 - 2016-07-01 05:37 - 01051648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.dll
2016-07-13 23:28 - 2016-07-01 05:37 - 00638976 _____ (Microsoft Corporation) C:\Windows\system32\ShareHost.dll
2016-07-13 23:28 - 2016-07-01 05:34 - 04170240 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll
2016-07-13 23:28 - 2016-07-01 05:34 - 00205312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oemlicense.dll
2016-07-13 23:28 - 2016-07-01 05:33 - 07200256 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2016-07-13 23:28 - 2016-07-01 05:33 - 06973952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-07-13 23:28 - 2016-07-01 05:32 - 02800128 _____ (Microsoft Corporation) C:\Windows\system32\netshell.dll
2016-07-13 23:28 - 2016-07-01 05:32 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SimCfg.dll
2016-07-13 23:28 - 2016-07-01 05:32 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IdCtrls.dll
2016-07-13 23:28 - 2016-07-01 05:31 - 01385472 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2016-07-13 23:28 - 2016-07-01 05:31 - 00994816 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2016-07-13 23:28 - 2016-07-01 05:31 - 00870400 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2016-07-13 23:28 - 2016-07-01 05:31 - 00290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WmpDui.dll
2016-07-13 23:28 - 2016-07-01 05:30 - 02902528 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2016-07-13 23:28 - 2016-07-01 05:30 - 02066432 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2016-07-13 23:28 - 2016-07-01 05:30 - 00733184 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2016-07-13 23:28 - 2016-07-01 05:29 - 04646912 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
2016-07-13 23:28 - 2016-07-01 05:29 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2016-07-13 23:28 - 2016-07-01 05:29 - 00386560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.WiFiDirect.dll
2016-07-13 23:28 - 2016-07-01 05:29 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-07-13 23:28 - 2016-07-01 05:29 - 00135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DXToolsMonitor.dll
2016-07-13 23:28 - 2016-07-01 05:29 - 00119808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VsGraphicsCapture.dll
2016-07-13 23:28 - 2016-07-01 05:28 - 03577344 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2016-07-13 23:28 - 2016-07-01 05:28 - 02912256 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2016-07-13 23:28 - 2016-07-01 05:28 - 00578048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiaaut.dll
2016-07-13 23:28 - 2016-07-01 05:28 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VsGraphicsExperiment.dll
2016-07-13 23:28 - 2016-07-01 05:28 - 00347648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2016-07-13 23:28 - 2016-07-01 05:28 - 00283136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.BioFeedback.dll
2016-07-13 23:28 - 2016-07-01 05:28 - 00282624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2016-07-13 23:28 - 2016-07-01 05:27 - 07533568 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2016-07-13 23:28 - 2016-07-01 05:27 - 02444800 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2016-07-13 23:28 - 2016-07-01 05:27 - 02280448 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-07-13 23:28 - 2016-07-01 05:27 - 00629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sud.dll
2016-07-13 23:28 - 2016-07-01 05:27 - 00613376 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2016-07-13 23:28 - 2016-07-01 05:27 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipcfile.dll
2016-07-13 23:28 - 2016-07-01 05:27 - 00284160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
2016-07-13 23:28 - 2016-07-01 05:26 - 04533760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VsGraphicsDesktopEngine.exe
2016-07-13 23:28 - 2016-07-01 05:26 - 04445184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VsGraphicsRemoteEngine.exe
2016-07-13 23:28 - 2016-07-01 05:26 - 02597888 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2016-07-13 23:28 - 2016-07-01 05:26 - 01445888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRHInproc.dll
2016-07-13 23:28 - 2016-07-01 05:26 - 00502272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2016-07-13 23:28 - 2016-07-01 05:26 - 00400896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSettingSyncProvider.dll
2016-07-13 23:28 - 2016-07-01 05:26 - 00372224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppBroker.dll
2016-07-13 23:28 - 2016-07-01 05:26 - 00348672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProvDataModel.dll
2016-07-13 23:28 - 2016-07-01 05:25 - 06584320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DXCaptureReplay.dll
2016-07-13 23:28 - 2016-07-01 05:25 - 01508352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmsipc.dll
2016-07-13 23:28 - 2016-07-01 05:25 - 01097216 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2016-07-13 23:28 - 2016-07-01 05:25 - 00984576 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2016-07-13 23:28 - 2016-07-01 05:25 - 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2016-07-13 23:28 - 2016-07-01 05:25 - 00738816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl
2016-07-13 23:28 - 2016-07-01 05:25 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2016-07-13 23:28 - 2016-07-01 05:25 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2016-07-13 23:28 - 2016-07-01 05:25 - 00240640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2016-07-13 23:28 - 2016-07-01 05:24 - 04171264 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-07-13 23:28 - 2016-07-01 05:24 - 01497088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe
2016-07-13 23:28 - 2016-07-01 05:24 - 01487872 _____ (Microsoft Corporation) C:\Windows\system32\SpeechPal.dll
2016-07-13 23:28 - 2016-07-01 05:24 - 00468992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.dll
2016-07-13 23:28 - 2016-07-01 05:23 - 03301376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncCenter.dll
2016-07-13 23:28 - 2016-07-01 05:23 - 02578432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2016-07-13 23:28 - 2016-07-01 05:23 - 01036288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2016-07-13 23:28 - 2016-07-01 05:23 - 00805888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2016-07-13 23:28 - 2016-07-01 05:23 - 00764928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Cred.dll
2016-07-13 23:28 - 2016-07-01 05:23 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShareHost.dll
2016-07-13 23:28 - 2016-07-01 05:23 - 00459776 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-07-13 23:28 - 2016-07-01 05:23 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licensingdiag.exe
2016-07-13 23:28 - 2016-07-01 05:23 - 00184832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingMonitor.dll
2016-07-13 23:28 - 2016-07-01 05:22 - 03053568 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2016-07-13 23:28 - 2016-07-01 05:21 - 04078080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2016-07-13 23:28 - 2016-07-01 05:21 - 01087488 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2016-07-13 23:28 - 2016-07-01 05:21 - 00980480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipcsecproc.dll
2016-07-13 23:28 - 2016-07-01 05:20 - 03555840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe
2016-07-13 23:28 - 2016-07-01 05:20 - 02798080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2016-07-13 23:28 - 2016-07-01 05:20 - 00777728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll
2016-07-13 23:28 - 2016-07-01 05:19 - 06471168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspaint.exe
2016-07-13 23:28 - 2016-07-01 05:19 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2016-07-13 23:28 - 2016-07-01 05:19 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.dll
2016-07-13 23:28 - 2016-07-01 05:19 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2016-07-13 23:28 - 2016-07-01 05:17 - 02155008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-07-13 23:28 - 2016-07-01 05:16 - 02062336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2016-07-13 23:28 - 2016-07-01 05:15 - 03459584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbon.dll
2016-07-13 23:28 - 2016-07-01 05:15 - 02679808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netshell.dll
2016-07-13 23:28 - 2016-07-01 05:15 - 02604032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2016-07-13 23:28 - 2016-07-01 05:15 - 02501632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-07-13 23:28 - 2016-07-01 05:15 - 01799680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2016-07-13 23:28 - 2016-07-01 05:15 - 01626112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2016-07-13 23:28 - 2016-07-01 05:15 - 00574976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hgcpl.dll
2016-07-13 23:28 - 2016-07-01 05:14 - 04759040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2016-07-13 23:28 - 2016-07-01 05:14 - 02680320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2016-07-13 23:28 - 2016-07-01 05:14 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-07-13 23:28 - 2016-07-01 05:14 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2016-07-13 23:28 - 2016-07-01 05:13 - 02849792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
2016-07-13 23:28 - 2016-07-01 05:13 - 02519552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll
2016-07-13 23:28 - 2016-07-01 05:13 - 00835072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2016-07-13 23:28 - 2016-07-01 05:12 - 02179584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll
2016-07-13 23:28 - 2016-07-01 05:11 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2016-07-13 23:28 - 2016-07-01 05:10 - 00746496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d12SDKLayers.dll
2016-07-13 23:28 - 2016-02-09 06:25 - 00304752 _____ (Microsoft Corporation) C:\Windows\system32\systemreset.exe
2016-07-13 23:27 - 2016-07-01 07:30 - 01505984 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-07-13 23:27 - 2016-07-01 07:30 - 01223872 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-07-13 23:27 - 2016-07-01 07:30 - 00559808 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-07-13 23:27 - 2016-07-01 07:30 - 00310464 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-07-13 23:27 - 2016-07-01 07:30 - 00092352 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-07-13 23:27 - 2016-07-01 07:30 - 00050368 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-07-13 23:27 - 2016-07-01 06:49 - 01317640 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-07-13 23:27 - 2016-07-01 06:49 - 01141504 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-07-13 23:27 - 2016-07-01 06:49 - 01030416 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-07-13 23:27 - 2016-07-01 06:49 - 00874968 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-07-13 23:27 - 2016-07-01 06:49 - 00277856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2016-07-13 23:27 - 2016-07-01 06:48 - 02656408 _____ C:\Windows\system32\CoreUIComponents.dll
2016-07-13 23:27 - 2016-07-01 06:33 - 22561256 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-07-13 23:27 - 2016-07-01 06:32 - 06605544 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2016-07-13 23:27 - 2016-07-01 06:32 - 06536256 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2016-07-13 23:27 - 2016-07-01 06:32 - 01040800 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2016-07-13 23:27 - 2016-07-01 06:24 - 01776768 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-07-13 23:27 - 2016-07-01 06:23 - 00511320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-07-13 23:27 - 2016-07-01 06:23 - 00032040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-07-13 23:27 - 2016-07-01 06:21 - 02403168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-07-13 23:27 - 2016-07-01 06:21 - 00957608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-07-13 23:27 - 2016-07-01 06:19 - 00836760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2016-07-13 23:27 - 2016-07-01 06:03 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-07-13 23:27 - 2016-07-01 05:56 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2016-07-13 23:27 - 2016-07-01 05:55 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\LegacyNetUX.dll
2016-07-13 23:27 - 2016-07-01 05:55 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\IconCodecService.dll
2016-07-13 23:27 - 2016-07-01 05:54 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\eappprxy.dll
2016-07-13 23:27 - 2016-07-01 05:52 - 16985088 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2016-07-13 23:27 - 2016-07-01 05:52 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2016-07-13 23:27 - 2016-07-01 05:52 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2016-07-13 23:27 - 2016-07-01 05:51 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\oemlicense.dll
2016-07-13 23:27 - 2016-07-01 05:50 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2016-07-13 23:27 - 2016-07-01 05:50 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\sdrsvc.dll
2016-07-13 23:27 - 2016-07-01 05:50 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\sdshext.dll
2016-07-13 23:27 - 2016-07-01 05:50 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2016-07-13 23:27 - 2016-07-01 05:49 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\LegacyNetUXHost.exe
2016-07-13 23:27 - 2016-07-01 05:48 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2016-07-13 23:27 - 2016-07-01 05:47 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\dot3ui.dll
2016-07-13 23:27 - 2016-07-01 05:47 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseAppMgmtSvc.dll
2016-07-13 23:27 - 2016-07-01 05:47 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\dmdskmgr.dll
2016-07-13 23:27 - 2016-07-01 05:46 - 00565760 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenterCPL.dll
2016-07-13 23:27 - 2016-07-01 05:46 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.WiFiDirect.dll
2016-07-13 23:27 - 2016-07-01 05:46 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll
2016-07-13 23:27 - 2016-07-01 05:45 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Picker.dll
2016-07-13 23:27 - 2016-07-01 05:45 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2016-07-13 23:27 - 2016-07-01 05:45 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\PackageStateRoaming.dll
2016-07-13 23:27 - 2016-07-01 05:44 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\wiaaut.dll
2016-07-13 23:27 - 2016-07-01 05:44 - 00504832 _____ (Microsoft Corporation) C:\Windows\system32\dlnashext.dll
2016-07-13 23:27 - 2016-07-01 05:44 - 00330240 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-07-13 23:27 - 2016-07-01 05:43 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\netcenter.dll
2016-07-13 23:27 - 2016-07-01 05:43 - 01048576 _____ (Microsoft Corporation) C:\Windows\system32\WebcamUi.dll
2016-07-13 23:27 - 2016-07-01 05:43 - 00947200 _____ (Microsoft Corporation) C:\Windows\system32\rasgcw.dll
2016-07-13 23:27 - 2016-07-01 05:43 - 00589824 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs.dll
2016-07-13 23:27 - 2016-07-01 05:43 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\CredProvDataModel.dll
2016-07-13 23:27 - 2016-07-01 05:42 - 00859136 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2016-07-13 23:27 - 2016-07-01 05:42 - 00651776 _____ (Microsoft Corporation) C:\Windows\system32\UserLanguagesCpl.dll
2016-07-13 23:27 - 2016-07-01 05:42 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-07-13 23:27 - 2016-07-01 05:42 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2016-07-13 23:27 - 2016-07-01 05:42 - 00429056 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2016-07-13 23:27 - 2016-07-01 05:42 - 00368128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.dll
2016-07-13 23:27 - 2016-07-01 05:42 - 00286720 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll
2016-07-13 23:27 - 2016-07-01 05:41 - 01847808 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe
2016-07-13 23:27 - 2016-07-01 05:41 - 01001472 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2016-07-13 23:27 - 2016-07-01 05:41 - 00870400 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll
2016-07-13 23:27 - 2016-07-01 05:41 - 00817152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.Search.dll
2016-07-13 23:27 - 2016-07-01 05:41 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2016-07-13 23:27 - 2016-07-01 05:40 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs3D.dll
2016-07-13 23:27 - 2016-07-01 05:40 - 00673280 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2016-07-13 23:27 - 2016-07-01 05:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Speech.Pal.dll
2016-07-13 23:27 - 2016-07-01 05:39 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2016-07-13 23:27 - 2016-07-01 05:39 - 00236032 _____ (Microsoft Corporation) C:\Windows\system32\licensingdiag.exe
2016-07-13 23:27 - 2016-07-01 05:38 - 01291776 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2016-07-13 23:27 - 2016-07-01 05:37 - 00584704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2016-07-13 23:27 - 2016-07-01 05:37 - 00055808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappprxy.dll
2016-07-13 23:27 - 2016-07-01 05:36 - 02445312 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-07-13 23:27 - 2016-07-01 05:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryClient.dll
2016-07-13 23:27 - 2016-07-01 05:36 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryBroker.dll
2016-07-13 23:27 - 2016-07-01 05:34 - 00838144 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2016-07-13 23:27 - 2016-07-01 05:34 - 00040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-07-13 23:27 - 2016-07-01 05:32 - 00583680 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2016-07-13 23:27 - 2016-07-01 05:32 - 00096256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2016-07-13 23:27 - 2016-07-01 05:31 - 00900608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2016-07-13 23:27 - 2016-07-01 05:31 - 00882688 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2016-07-13 23:27 - 2016-07-01 05:31 - 00260096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2016-07-13 23:27 - 2016-07-01 05:31 - 00238592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2016-07-13 23:27 - 2016-07-01 05:31 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
2016-07-13 23:27 - 2016-07-01 05:31 - 00129024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SimAuth.dll
2016-07-13 23:27 - 2016-07-01 05:30 - 01213440 _____ (Microsoft Corporation) C:\Windows\system32\sdengin2.dll
2016-07-13 23:27 - 2016-07-01 05:30 - 00248320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2016-07-13 23:27 - 2016-07-01 05:30 - 00217600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmdskmgr.dll
2016-07-13 23:27 - 2016-07-01 05:30 - 00190464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2016-07-13 23:27 - 2016-07-01 05:30 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2016-07-13 23:27 - 2016-07-01 05:30 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ProximityCommon.dll
2016-07-13 23:27 - 2016-07-01 05:29 - 05123072 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2016-07-13 23:27 - 2016-07-01 05:29 - 00569856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-07-13 23:27 - 2016-07-01 05:29 - 00220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credprovs.dll
2016-07-13 23:27 - 2016-07-01 05:29 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExecModelClient.dll
2016-07-13 23:27 - 2016-07-01 05:28 - 03046400 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
2016-07-13 23:27 - 2016-07-01 05:28 - 00833536 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll
2016-07-13 23:27 - 2016-07-01 05:28 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efswrt.dll
2016-07-13 23:27 - 2016-07-01 05:28 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dlnashext.dll
2016-07-13 23:27 - 2016-07-01 05:28 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edputil.dll
2016-07-13 23:27 - 2016-07-01 05:28 - 00238592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2016-07-13 23:27 - 2016-07-01 05:27 - 04827136 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-07-13 23:27 - 2016-07-01 05:27 - 01226752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcnwiz.dll
2016-07-13 23:27 - 2016-07-01 05:27 - 00655360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DXCap.exe
2016-07-13 23:27 - 2016-07-01 05:27 - 00519168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintDialogs.dll
2016-07-13 23:27 - 2016-07-01 05:27 - 00349696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1debug3.dll
2016-07-13 23:27 - 2016-07-01 05:26 - 01063936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Editing.dll
2016-07-13 23:27 - 2016-07-01 05:26 - 00585216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.AccountsControl.dll
2016-07-13 23:27 - 2016-07-01 05:26 - 00413696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WLanConn.dll
2016-07-13 23:27 - 2016-07-01 05:26 - 00153088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
2016-07-13 23:27 - 2016-07-01 05:25 - 04775424 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-07-13 23:27 - 2016-07-01 05:25 - 01228800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2016-07-13 23:27 - 2016-07-01 05:25 - 00645632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.Search.dll
2016-07-13 23:27 - 2016-07-01 05:25 - 00502784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-07-13 23:27 - 2016-07-01 05:25 - 00482816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\duser.dll
2016-07-13 23:27 - 2016-07-01 05:25 - 00477184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-07-13 23:27 - 2016-07-01 05:24 - 04404736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2016-07-13 23:27 - 2016-07-01 05:24 - 00434688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LogonController.dll
2016-07-13 23:27 - 2016-07-01 05:23 - 00460800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2016-07-13 23:27 - 2016-07-01 05:21 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
2016-07-13 23:27 - 2016-07-01 05:18 - 01448960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dui70.dll
2016-07-13 23:27 - 2016-07-01 05:18 - 00683008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-07-13 23:27 - 2016-07-01 05:13 - 02000896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2016-07-13 23:27 - 2016-07-01 05:11 - 01064960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11_3SDKLayers.dll
2016-07-13 23:27 - 2016-07-01 05:08 - 00879616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll
2016-07-13 23:27 - 2016-07-01 05:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll
2016-07-13 23:27 - 2016-06-28 13:20 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-07-12 20:46 - 2016-07-12 20:46 - 00000000 ____D C:\Program Files (x86)\ESET
2016-07-12 20:45 - 2016-07-12 20:46 - 02870984 _____ (ESET) C:\Users\eva\Downloads\esetsmartinstaller_deu.exe
2016-07-12 01:22 - 2016-07-12 01:22 - 00000000 ____D C:\Users\eva\AppData\Local\Tempzxpsign1353bb735fe760a4
2016-07-12 00:28 - 2016-07-14 15:54 - 00000000 ____D C:\Users\eva\Desktop\frst-logs
2016-07-12 00:06 - 2016-07-14 10:56 - 00000000 ____D C:\Users\eva\Desktop\FRST-OlderVersion
2016-07-10 21:25 - 2016-07-10 21:25 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-07-10 21:25 - 2016-06-29 19:21 - 00111552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-07-10 21:25 - 2016-05-04 04:23 - 00129824 _____ C:\Windows\SysWOW64\vulkan-1.dll
2016-07-10 21:25 - 2016-05-04 04:22 - 00130848 _____ C:\Windows\system32\vulkan-1.dll
2016-07-10 21:25 - 2016-05-04 04:22 - 00045344 _____ C:\Windows\system32\vulkaninfo.exe
2016-07-10 21:25 - 2016-05-04 04:22 - 00040224 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2016-07-10 21:24 - 2016-06-30 00:39 - 00213952 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2016-07-10 21:24 - 2016-06-30 00:39 - 00201664 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 39979576 _____ C:\Windows\system32\nvcompiler.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 35115968 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 31663040 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 25431608 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 17747392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 10680808 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 10656296 _____ C:\Windows\system32\nvptxJitCompiler.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 10224024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 09013792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 08741848 _____ C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 08608120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 02845120 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 02471992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 01922616 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436869.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 01579976 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 01573432 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436869.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00984512 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00909248 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00787384 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00786176 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFThevc.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00771640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00709176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00669952 _____ C:\Windows\system32\nvfatbinaryLoader.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00632848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00631288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFThevc.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00601936 _____ C:\Windows\system32\nvmcumd.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00565208 _____ C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00549424 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00452432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00423360 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00383936 _____ (NVIDIA Corporation) C:\Windows\system32\nvDecMFTMjpeg.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00379808 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00379448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00348216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvDecMFTMjpeg.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00316632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00178136 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00155768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00153232 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00131584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-07-10 21:22 - 2016-06-30 00:39 - 00046024 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2016-07-10 15:17 - 2016-07-10 15:21 - 01610560 _____ (Malwarebytes) C:\Users\eva\Desktop\JRT.exe
2016-07-10 15:05 - 2016-07-14 22:37 - 00000000 ____D C:\AdwCleaner
2016-07-10 15:03 - 2016-07-10 15:04 - 03712064 _____ C:\Users\eva\Desktop\AdwCleaner_5.201.exe
2016-07-10 14:15 - 2016-07-14 22:38 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-07-10 14:15 - 2016-07-10 15:06 - 00001171 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-07-10 14:15 - 2016-07-10 14:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-07-10 14:15 - 2016-07-10 14:15 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-07-10 14:15 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-07-10 14:15 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-07-10 14:15 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-07-10 12:39 - 2016-07-10 12:39 - 00066249 _____ C:\Users\eva\Downloads\FRST.txt
2016-07-10 12:38 - 2016-07-14 10:56 - 02390528 _____ (Farbar) C:\Users\eva\Desktop\FRST64.exe
2016-07-10 04:06 - 2016-07-10 04:06 - 00388608 _____ (Trend Micro Inc.) C:\Users\eva\Downloads\HijackThis.exe
2016-07-10 03:31 - 2016-07-10 03:38 - 00061356 _____ C:\Users\eva\Downloads\Addition.txt
2016-07-10 03:24 - 2016-07-14 22:40 - 00000000 ____D C:\FRST
2016-07-10 03:22 - 2016-07-10 03:22 - 01740288 _____ (Farbar) C:\Users\eva\Downloads\FRST.exe
2016-07-10 03:12 - 2016-07-10 03:12 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-07-10 03:10 - 2016-07-10 03:11 - 22851472 _____ (Malwarebytes ) C:\Users\eva\Downloads\mbam-setup-2.2.1.1043.exe
2016-07-10 01:43 - 2016-07-10 01:43 - 00000000 ____D C:\$SysReset
2016-07-10 00:59 - 2016-07-10 00:59 - 00250912 _____ C:\Windows\SysWOW64\kz.exe
2016-07-10 00:20 - 2016-07-10 00:20 - 00000000 ____D C:\Program Files (x86)\Maxthon
2016-07-10 00:17 - 2016-07-10 01:00 - 00000000 ____D C:\Windows\system32\SSL
2016-07-10 00:14 - 2016-07-10 00:12 - 00001691 _____ C:\Windows\system32\Drivers\etc\hp.bak
2016-07-07 12:52 - 2016-07-07 12:52 - 00000036 _____ C:\Users\eva\Desktop\altephp5.6versionausdemPath.txt
2016-07-07 12:46 - 2016-07-07 12:47 - 06737632 _____ (Advanced Micro Devices) C:\Users\eva\Downloads\amd1560cleanuputility.exe
2016-07-07 11:33 - 2016-07-07 11:33 - 21953914 _____ C:\Users\eva\Downloads\php-7.0.8-nts-Win32-VC14-x86.zip
2016-07-05 18:29 - 2016-07-05 18:29 - 00000967 _____ C:\Users\eva\Desktop\NLP-8-9.Okt-ExplorersKompakt-gewonnen.txt
2016-07-02 00:57 - 2016-07-02 00:57 - 00002133 _____ C:\Users\eva\Desktop\GEDOK-Anforderungen-2.txt
2016-07-01 14:19 - 2016-07-01 20:19 - 00004323 _____ C:\Users\eva\Desktop\gedok-feeds.txt
2016-07-01 14:07 - 2016-07-01 14:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2016-07-01 14:03 - 2016-07-01 14:05 - 113455072 _____ (Oracle Corporation) C:\Users\eva\Downloads\VirtualBox-5.0.24-108355-Win.exe
2016-07-01 13:53 - 2016-07-01 13:54 - 173203674 _____ C:\Users\eva\Downloads\vagrant_1.8.4.msi
2016-06-30 11:18 - 2016-06-30 11:19 - 00000000 ____D C:\Users\eva\Documents\Kurse
2016-06-30 10:06 - 2016-06-30 10:06 - 00028160 _____ C:\Users\eva\Documents\vr-export-wegleitner.xls
2016-06-29 14:31 - 2016-06-29 14:31 - 00002165 _____ C:\Users\eva\Desktop\GEDOK-Anforderungen.txt
2016-06-29 13:48 - 2016-06-29 13:48 - 06569088 _____ (Tim Kosse) C:\Users\eva\Downloads\FileZilla_3.19.0_win64-setup.exe
2016-06-29 12:31 - 2016-07-08 22:07 - 00000000 ____D C:\Users\eva\Documents\GEDOK
2016-06-28 17:21 - 2016-06-28 17:21 - 00192864 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetLwf.sys
2016-06-28 17:21 - 2016-06-28 17:21 - 00119712 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp6.sys
2016-06-28 03:12 - 2016-06-28 03:12 - 00314434 ____N C:\Users\eva\AppData\Roaming\EYapp.apk
2016-06-25 14:37 - 2015-09-01 15:11 - 00049152 _____ () C:\Windows\SysWOW64\LGErrorHandler.dll
2016-06-25 14:35 - 2016-06-25 14:36 - 15210348 _____ C:\Users\eva\Downloads\ScreenSplit_6.55.zip
2016-06-25 14:28 - 2016-07-10 15:06 - 00002358 _____ C:\Users\Public\Desktop\Screen Split.lnk
2016-06-25 14:28 - 2016-06-25 14:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screen Split
2016-06-25 14:28 - 2016-06-25 14:28 - 00000000 ____D C:\Program Files (x86)\LG Electronics
2016-06-25 14:28 - 2015-09-01 15:12 - 00131072 _____ (LG Soft India) C:\Windows\SysWOW64\LGMonitorDDCCISDK.dll
2016-06-25 14:28 - 2015-09-01 15:11 - 00102400 _____ (LG Soft India) C:\Windows\SysWOW64\LGProtocolEngine.dll
2016-06-25 14:28 - 2015-04-13 15:07 - 00019968 _____ C:\Windows\SysWOW64\LGPII2CDriver.sys
2016-06-25 14:28 - 2015-04-13 15:07 - 00016384 _____ (LG Soft India) C:\Windows\SysWOW64\LGI2CDriver.sys
2016-06-25 14:28 - 2014-09-04 09:16 - 00196608 _____ (LG Soft India) C:\Windows\SysWOW64\LGDeviceManager.dll
2016-06-24 21:26 - 2016-06-24 21:35 - 00002928 _____ C:\Users\eva\Desktop\gedok-web-ssl-undnewsletter-umbau.txt
2016-06-24 20:08 - 2016-06-24 20:08 - 00002215 _____ C:\Users\eva\Desktop\windows-mobile-email-einrichtungs-anleitung-STRATO.txt
2016-06-24 17:17 - 2016-06-24 17:17 - 00023739 _____ C:\Users\eva\Downloads\2016-06-23_RE14669838.pdf
2016-06-24 17:17 - 2016-06-24 17:17 - 00023739 _____ C:\Users\eva\Downloads\2016-06-23_RE14669838 (2).pdf
2016-06-24 17:17 - 2016-06-24 17:17 - 00023739 _____ C:\Users\eva\Downloads\2016-06-23_RE14669838 (1).pdf
2016-06-24 16:49 - 2016-06-24 16:49 - 00002798 _____ C:\Users\eva\Desktop\confirmation.htm
2016-06-23 20:09 - 2016-06-23 20:09 - 00003584 _____ C:\Users\eva\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-06-23 11:09 - 2016-06-23 11:09 - 00000129 _____ C:\Users\eva\Desktop\gedok-katalog-text.txt
2016-06-21 16:15 - 2016-07-10 15:06 - 00001229 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CC 2015.3.lnk
2016-06-21 16:08 - 2016-07-10 15:06 - 00001217 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2015.3.lnk
2016-06-21 15:58 - 2016-06-21 15:58 - 00000000 ____D C:\Users\eva\Desktop\Painting and Classic Frames
2016-06-21 15:54 - 2016-07-10 15:06 - 00001151 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.5.lnk
2016-06-21 01:29 - 2016-06-21 01:29 - 00052301 _____ C:\Users\eva\Desktop\DHLReturnLabel.pdf
2016-06-21 01:27 - 2016-06-21 01:27 - 00048159 _____ C:\Users\eva\Desktop\DHL_Collection_Details_de.pdf
2016-06-21 01:21 - 2016-06-21 01:21 - 00040845 _____ C:\Users\eva\Desktop\basisband-Eva *****-ENR0105493.pdf
2016-06-21 01:20 - 2016-06-21 01:20 - 00037547 _____ C:\Users\eva\Downloads\Eva *****-ENR0105493.pdf
2016-06-18 17:22 - 2016-06-18 17:22 - 06140101 _____ C:\Users\eva\Downloads\dict-en.oxt
2016-06-18 17:19 - 2016-06-18 17:19 - 00023300 _____ C:\Users\eva\Downloads\OutlookContacts.csv
2016-06-18 17:19 - 2016-06-18 17:19 - 00023300 _____ C:\Users\eva\Downloads\OutlookContacts (1).csv
2016-06-18 17:05 - 2016-06-18 17:05 - 00042768 _____ C:\Users\eva\Downloads\google.csv
2016-06-14 20:09 - 2016-05-28 06:57 - 01594416 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-06-14 20:09 - 2016-05-28 06:57 - 01372312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-06-14 20:09 - 2016-05-28 06:29 - 00045568 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-06-14 20:09 - 2016-05-28 06:17 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\MessagingDataModel2.dll
2016-06-14 20:09 - 2016-05-28 06:14 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MessagingDataModel2.dll
2016-06-14 20:09 - 2016-05-28 06:00 - 01707520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActiveSyncProvider.dll
2016-06-14 20:09 - 2016-05-28 05:58 - 01996288 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncProvider.dll
2016-06-14 20:08 - 2016-05-28 07:25 - 04268880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2016-06-14 20:08 - 2016-05-28 07:23 - 00388384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-06-14 20:08 - 2016-05-28 07:23 - 00312160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-06-14 20:08 - 2016-05-28 07:22 - 04387680 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2016-06-14 20:08 - 2016-05-28 07:22 - 00428896 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2016-06-14 20:08 - 2016-05-28 07:22 - 00211296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2016-06-14 20:08 - 2016-05-28 07:22 - 00118624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2016-06-14 20:08 - 2016-05-28 07:20 - 00430312 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-06-14 20:08 - 2016-05-28 07:18 - 00357216 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-06-14 20:08 - 2016-05-28 07:09 - 00501600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2016-06-14 20:08 - 2016-05-28 07:09 - 00170848 _____ (Microsoft Corporation) C:\Windows\system32\NetworkUXBroker.exe
2016-06-14 20:08 - 2016-05-28 07:09 - 00084832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupApi.dll
2016-06-14 20:08 - 2016-05-28 07:08 - 00693600 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2016-06-14 20:08 - 2016-05-28 07:08 - 00258912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ufx01000.sys
2016-06-14 20:08 - 2016-05-28 07:08 - 00115040 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupApi.dll
2016-06-14 20:08 - 2016-05-28 07:04 - 00431296 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-06-14 20:08 - 2016-05-28 07:04 - 00360480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-06-14 20:08 - 2016-05-28 07:04 - 00111064 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2016-06-14 20:08 - 2016-05-28 07:04 - 00097096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2016-06-14 20:08 - 2016-05-28 07:03 - 00131248 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-06-14 20:08 - 2016-05-28 06:58 - 00379232 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-06-14 20:08 - 2016-05-28 06:57 - 02548944 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-06-14 20:08 - 2016-05-28 06:57 - 02195632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-06-14 20:08 - 2016-05-28 06:57 - 00636304 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2016-06-14 20:08 - 2016-05-28 06:57 - 00546456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2016-06-14 20:08 - 2016-05-28 06:57 - 00316256 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-06-14 20:08 - 2016-05-28 06:35 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\tdlrecover.exe
2016-06-14 20:08 - 2016-05-28 06:35 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsdport.sys
2016-06-14 20:08 - 2016-05-28 06:31 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdlrecover.exe
2016-06-14 20:08 - 2016-05-28 06:29 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\VSD3DWARP12Debug.dll
2016-06-14 20:08 - 2016-05-28 06:29 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2016-06-14 20:08 - 2016-05-28 06:29 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\httpprxp.dll
2016-06-14 20:08 - 2016-05-28 06:28 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-06-14 20:08 - 2016-05-28 06:28 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-06-14 20:08 - 2016-05-28 06:26 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2016-06-14 20:08 - 2016-05-28 06:26 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\dmcertinst.exe
2016-06-14 20:08 - 2016-05-28 06:26 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe
2016-06-14 20:08 - 2016-05-28 06:25 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\VSD3DWARPDebug.dll
2016-06-14 20:08 - 2016-05-28 06:25 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VSD3DWARP12Debug.dll
2016-06-14 20:08 - 2016-05-28 06:25 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.dll
2016-06-14 20:08 - 2016-05-28 06:25 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-06-14 20:08 - 2016-05-28 06:24 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Ndu.sys
2016-06-14 20:08 - 2016-05-28 06:24 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-06-14 20:08 - 2016-05-28 06:24 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2016-06-14 20:08 - 2016-05-28 06:24 - 00053760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-06-14 20:08 - 2016-05-28 06:23 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2016-06-14 20:08 - 2016-05-28 06:23 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2016-06-14 20:08 - 2016-05-28 06:22 - 00278528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-06-14 20:08 - 2016-05-28 06:22 - 00163328 _____ (Microsoft Corporation) C:\Windows\system32\tetheringservice.dll
2016-06-14 20:08 - 2016-05-28 06:22 - 00161280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe
2016-06-14 20:08 - 2016-05-28 06:22 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-06-14 20:08 - 2016-05-28 06:21 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2016-06-14 20:08 - 2016-05-28 06:21 - 00239104 _____ (Microsoft Corporation) C:\Windows\system32\BrokerLib.dll
2016-06-14 20:08 - 2016-05-28 06:21 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2016-06-14 20:08 - 2016-05-28 06:21 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2016-06-14 20:08 - 2016-05-28 06:21 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VSD3DWARPDebug.dll
2016-06-14 20:08 - 2016-05-28 06:21 - 00042496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.dll
2016-06-14 20:08 - 2016-05-28 06:20 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\newdev.dll
2016-06-14 20:08 - 2016-05-28 06:20 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-06-14 20:08 - 2016-05-28 06:20 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2016-06-14 20:08 - 2016-05-28 06:20 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\GnssAdapter.dll
2016-06-14 20:08 - 2016-05-28 06:20 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Privacy.dll
2016-06-14 20:08 - 2016-05-28 06:20 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2016-06-14 20:08 - 2016-05-28 06:19 - 00567808 _____ (Microsoft Corporation) C:\Windows\system32\MBMediaManager.dll
2016-06-14 20:08 - 2016-05-28 06:19 - 00355840 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2016-06-14 20:08 - 2016-05-28 06:19 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2016-06-14 20:08 - 2016-05-28 06:18 - 00678912 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2016-06-14 20:08 - 2016-05-28 06:18 - 00610816 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2016-06-14 20:08 - 2016-05-28 06:18 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2016-06-14 20:08 - 2016-05-28 06:18 - 00392192 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-06-14 20:08 - 2016-05-28 06:18 - 00380416 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2016-06-14 20:08 - 2016-05-28 06:18 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\VEEventDispatcher.dll
2016-06-14 20:08 - 2016-05-28 06:17 - 00963072 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2016-06-14 20:08 - 2016-05-28 06:17 - 00485888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\newdev.dll
2016-06-14 20:08 - 2016-05-28 06:17 - 00415232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StoreAgent.dll
2016-06-14 20:08 - 2016-05-28 06:17 - 00278016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2016-06-14 20:08 - 2016-05-28 06:17 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\mdmmigrator.dll
2016-06-14 20:08 - 2016-05-28 06:16 - 00690176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-06-14 20:08 - 2016-05-28 06:16 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-06-14 20:08 - 2016-05-28 06:16 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\AppContracts.dll
2016-06-14 20:08 - 2016-05-28 06:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\tileobjserver.dll
2016-06-14 20:08 - 2016-05-28 06:16 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-06-14 20:08 - 2016-05-28 06:16 - 00291328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-06-14 20:08 - 2016-05-28 06:16 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2016-06-14 20:08 - 2016-05-28 06:15 - 00794624 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-06-14 20:08 - 2016-05-28 06:15 - 00579072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2016-06-14 20:08 - 2016-05-28 06:15 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2016-06-14 20:08 - 2016-05-28 06:15 - 00293888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2016-06-14 20:08 - 2016-05-28 06:15 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-06-14 20:08 - 2016-05-28 06:14 - 03292672 _____ (Microsoft Corporation) C:\Windows\system32\d3d12warp.dll
2016-06-14 20:08 - 2016-05-28 06:14 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VEEventDispatcher.dll
2016-06-14 20:08 - 2016-05-28 06:14 - 00200192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2016-06-14 20:08 - 2016-05-28 06:13 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2016-06-14 20:08 - 2016-05-28 06:13 - 00467456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppContracts.dll
2016-06-14 20:08 - 2016-05-28 06:12 - 00614400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-06-14 20:08 - 2016-05-28 06:12 - 00521728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-06-14 20:08 - 2016-05-28 06:11 - 02470912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d12warp.dll
2016-06-14 20:08 - 2016-05-28 06:11 - 00890368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2016-06-14 20:08 - 2016-05-28 06:11 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2016-06-14 20:08 - 2016-05-28 06:06 - 01339904 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-06-14 20:08 - 2016-05-28 06:04 - 00555520 _____ (Microsoft Corporation) C:\Windows\system32\SyncController.dll
2016-06-14 20:08 - 2016-05-28 06:04 - 00450560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncController.dll
2016-06-14 20:08 - 2016-05-28 06:03 - 01185280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationFramework.dll
2016-06-14 20:08 - 2016-05-28 06:03 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\internetmail.dll
2016-06-14 20:08 - 2016-05-28 06:03 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
2016-06-14 20:08 - 2016-05-28 06:02 - 01534464 _____ (Microsoft Corporation) C:\Windows\system32\LocationFramework.dll
2016-06-14 20:08 - 2016-05-28 06:02 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2016-06-14 20:08 - 2016-05-28 06:01 - 00111104 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2016-06-14 20:08 - 2016-05-28 06:00 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll
2016-06-14 20:08 - 2016-05-28 06:00 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2016-06-14 20:08 - 2016-05-28 06:00 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2016-06-14 20:08 - 2016-05-28 05:59 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2016-06-14 20:08 - 2016-05-28 05:53 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\ngcpopkeysrv.dll
2016-06-14 19:50 - 2016-07-10 15:06 - 00001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2016-06-14 19:50 - 2016-07-10 15:06 - 00001214 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-07-14 22:39 - 2016-06-07 20:07 - 00000000 ___RD C:\Users\eva\iCloudDrive
2016-07-14 22:39 - 2016-02-28 00:03 - 00000000 ___RD C:\Users\eva\Creative Cloud Files
2016-07-14 22:39 - 2016-02-28 00:03 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-07-14 22:39 - 2016-02-27 23:58 - 00000000 ____D C:\Users\eva\AppData\Local\Adobe
2016-07-14 22:39 - 2016-02-27 23:22 - 00000000 ___RD C:\Users\eva\OneDrive
2016-07-14 22:38 - 2016-05-24 19:19 - 00000000 ____D C:\ProgramData\NVIDIA
2016-07-14 22:38 - 2016-02-27 23:28 - 00001140 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-14 22:38 - 2016-02-27 23:14 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-14 22:37 - 2016-03-03 18:40 - 00000000 ____D C:\Users\eva\AppData\Local\CrashDumps
2016-07-14 22:37 - 2015-10-30 08:28 - 00786432 ___SH C:\Windows\system32\config\BBI
2016-07-14 22:22 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-14 22:22 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\AppReadiness
         
Ende Teil 1

Geändert von quincycato (14.07.2016 um 22:09 Uhr)

Antwort

Themen zu MPC Cleaner läßt sich nicht deinstallieren + Browser Umleitungen - windows 10
.dll, administrator, bonjour, browser, defender, entfernen, explorer, ftp, google, hijack, homepage, installation, mpc-cleaner, node.js, photoshop, popups, prozesse, registry, rundll, scan, software, suchmaschine, svchost.exe, system, temp, trotux, win 10 pro, windows, windows 10 pro, windowsapps, winlogon.exe




Ähnliche Themen: MPC Cleaner läßt sich nicht deinstallieren + Browser Umleitungen - windows 10


  1. MPC Cleaner lässt sich nicht deinstallieren
    Plagegeister aller Art und deren Bekämpfung - 29.05.2016 (26)
  2. Spyhunter 4 läßt sich nicht deinstallieren
    Plagegeister aller Art und deren Bekämpfung - 06.04.2016 (42)
  3. Windows 7: MPC Cleaner lässt sich nicht deinstallieren / entferne
    Log-Analyse und Auswertung - 22.03.2016 (20)
  4. MPC Cleaner läßt sich nicht entfernen
    Log-Analyse und Auswertung - 11.03.2016 (12)
  5. Falsch geklickt, MPC Cleaner lässt sich nicht deinstallieren und jede Menge Popups
    Log-Analyse und Auswertung - 03.03.2016 (15)
  6. Spark Browser lässt sich nicht deinstallieren, da ich kein Chinesisch kann
    Plagegeister aller Art und deren Bekämpfung - 21.02.2016 (11)
  7. mystartsearch.com in Microsoft Edge läßt sich einfach nicht deinstallieren!
    Plagegeister aller Art und deren Bekämpfung - 30.10.2015 (10)
  8. mystartsearch.com in Microsoft Edge läßt sich einfach nicht deinstallieren!
    Antiviren-, Firewall- und andere Schutzprogramme - 29.10.2015 (11)
  9. Windows 7: Adobe Flashplayer läßt sich nicht installieren; Minsparktoolbar funktioniert nicht
    Log-Analyse und Auswertung - 05.08.2015 (22)
  10. Zombienews - Programm läßt sich nicht deinstallieren
    Plagegeister aller Art und deren Bekämpfung - 12.03.2015 (3)
  11. IE agiert versteckt und läßt sich nicht deinstallieren
    Log-Analyse und Auswertung - 15.02.2014 (10)
  12. "start.iminent.com" erscheint im Browser und läßt sich nicht entfernen
    Log-Analyse und Auswertung - 27.11.2013 (3)
  13. Pc Performer läßt sich nicht deinstallieren. Eventuell noch mehr Malware oder Viren auf dem Rechner
    Plagegeister aller Art und deren Bekämpfung - 31.10.2013 (14)
  14. Snap.Do Engine läßt sich nicht deinstallieren
    Plagegeister aller Art und deren Bekämpfung - 27.10.2013 (19)
  15. "start.iminent.com" erscheint im Browser und läßt sich nicht entfernen
    Log-Analyse und Auswertung - 15.10.2013 (5)
  16. Windows XP läßt sich nicht mehr starten
    Alles rund um Windows - 26.09.2009 (15)
  17. windows update läßt sich nicht starten
    Plagegeister aller Art und deren Bekämpfung - 05.06.2008 (1)

Zum Thema MPC Cleaner läßt sich nicht deinstallieren + Browser Umleitungen - windows 10 - Hallo, durch einen unbedachten Klick zu später Stunde habe ich mir den MPC Cleaner, eine chinesische Suchmaschine (trotux) und weitere Browserumleitungen ins System geholt. Es gab Casino links und Popups - MPC Cleaner läßt sich nicht deinstallieren + Browser Umleitungen - windows 10...
Archiv
Du betrachtest: MPC Cleaner läßt sich nicht deinstallieren + Browser Umleitungen - windows 10 auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.